Imagine asking Bing Chat a question...

Hello Bing, I would like to download advanced IP scanner

PS: the RED malicious ad warning is not displayed!

The Bing Chat query to download Advanced IP Scanner (above) returns a link that, when hovered over, displays a malicious ad pointing to a fraudulent link, placed before the next line, which is the official site hosting the tool.

These guys are geniuses!

Clicking the link takes the user to a traffic direction system (TDS) that fingerprints the request and determines whether it is actually originating from a real human as opposed to a bot, crawler, or sandbox (they’re so smart), before taking them to a decoy page containing the rogue installer that installs the malware onto your computer just by visiting it. You can try to hit the back button, or turn your computer off in a panic and leave it unplugged for 20 minutes hoping it ‘leaks’ out and goes away, but nope, too late.

A rogue installer means there is no further link to click to get infected, the kind you might easily get suspicious of, where you go to the site and have to click another link. In this instance, as soon as you arrive at the site, boom, they got you. And they have some nice parting gifts for you.

Yeah, EVIL genius.

In summary, the media says $10.3 billion was lost to cybercrime in 2022. We look at it a bit differently.

We think $10.3 billion was made by cybercriminals in 2022, giving them an amazing war chest (which grows every year) to hire some of the smartest and brightest techies across the globe to come up with things like inserting malicious ads in Bing Chat. We’re all doomed lol.

Read the whole article on Hacker News

Malvertising Guide CrowdStrike