Hackers are distributing malware via fake versions of Google Bard, the tech giant’s answer to ChatGPT.
The campaign was discovered after researchers at ESET found an ad on Facebook promoting the AI writer. However, it seems there were plenty of red flags signifying its dubious content.
The ad copy was littered with bad grammar and spelling mistakes, while the writing style was amateurish and well below the standard expected from a company like Google.
Triggering antivirus alarms
If that wasn’t enough, the ad provided a link that didn’t lead to a Google domain, but rather to one belonging to a Dublin-based firm called rebrand.ly. If one were to click on that link, they’d be redirected to a website posing as a Google site.
While the researchers couldn’t be certain, they warned that visiting such a page while being logged into the browser could expose sensitive information.
Finally, the site had a download button which, when clicked, would trigger the download of malware hosted on a personal Google Drive space and hidden behind an archive titled GoogleAIUpdate.rar. Standard antivirus programs identified the executable as malicious.
“At the time of writing, the campaign was still visible in different variations, but I reported it and will most certainly not be the only one doing so,” one researcher said. “It seems that this might be a bigger campaign as I’ve now encountered other examples such as ‘meta AI’ or other fake ‘Google AI’ ads.”
This is not the first time criminals have exploited the current AI boom in an attempt to distribute malware. In late March this year, security researchers from CloudSEK discovered an elaborate scheme that sought to distribute malware via a fake ChatGPT app. In this instance, crooks also abused Facebook’s advertising space to promote the scam.