Attackers Use AI Chatbot Responses to Deliver Cryptojacking Malware

Microsoft has documented an active campaign where threat actors manipulate AI chatbot interactions to surface malicious download sites delivering cryptojacking malware. Users asking AI assistants for software recommendations may be directed to attacker-controlled lookalike sites.

The technique extends social engineering beyond traditional search-result poisoning into AI-generated responses, which many users treat as more authoritative than organic search. Microsoft Defender Experts are tracking the campaign. Users should verify download sources independently of AI recommendations; organizations should enforce software download policies and consider adding AI-recommended domains to proxy allowlist review workflows.