Bing Chat responses infiltrated by ads pushing malware

In a very disturbing report from Bleeping Computer, security researchers have found that ads containing malware links, leading to downloads of virus-laden software and ransomware, are now showing up in Bing Chat search results:

Malicious advertisements are now being injected into Microsoft’s AI-powered Bing Chat responses, promoting fake download sites that distribute malware.

Bing Chat, powered by OpenAI’s GPT-4 engine, was introduced by Microsoft in February 2023 to challenge Google’s dominance in the search industry.

By offering users an interactive chat-based experience instead of the traditional search query and result format, Bing Chat aimed to make online searches more intuitive and user-friendly.

In March, Microsoft began injecting ads into Bing Chat conversations to generate revenue from this new platform.

Malicious ads spotted by Malwarebytes are pretending to be download sites for the popular ‘Advanced IP Scanner’ utility, which has been previously used by RomCom RAT and Somnia ransomware operators.

The researchers found that when you asked Bing Chat how to download Advanced IP Scanner, it would display a link to download it in the chat. 

However, when you hover over an underlined link in a chat, Bing Chat may show an advertisement first, followed by the legitimate download link. In this case, the sponsored link was a malvertisement pushing malware…

Read the whole report – it’s very important – here. And be VERY CAREFUL before clicking on any advertising links offered up by Bing Chat or Windows Copilot, which is powered by Bing Chat!
