Microsoft has issued a warning about an active cryptojacking campaign that uses AI chatbot interactions to impersonate legitimate systems and direct users to malicious download sites. Once victims click the links, threat actors establish persistent remote access to compromised computers, potentially enabling further activities such as data theft or ransomware deployment. The campaign, detailed in a report from Microsoft Defender Experts and the Microsoft Defender Security Research Team, represents an emerging delivery technique that extends social engineering tactics to AI-generated responses.[1]
It targets users searching for popular system utilities and hardware-monitoring software via large-language-model-based chatbots. Attackers poison AI chatbot outputs by planting links to over 150 malicious domains, many hosted as subdomains under gleeze[.]com, a dynamic DNS provider previously linked to threat activity. The domains impersonate legitimate tools, including CrystalDiskInfo, HWMonitor, Display Driver Uninstaller, FurMark, K-Lite Codec Pack, and PDFgear.
When users follow the AI-recommended links, they reach fake download pages featuring prominent buttons for the seemingly legitimate software. Clicking the button downloads a ZIP archive containing a genuine executable bundled with a malicious DLL named autorun.dll. This DLL sideloads another rogue component, vcredirect_x64.dll, via msiexec.exe.
The payload then installs ScreenConnect remote access software, which connects to an attacker-controlled server at 193.42.11[.]108. Further stages deploy persistence mechanisms through Registry Run keys and scheduled tasks, configure Microsoft Defender exclusions, and perform anti-analysis checks. A process hollowing technique runs mining code under a trusted Microsoft-signed binary.
In some instances, a PowerShell script fetches additional binaries, renames them as vlc.exe, and sets up scheduled tasks before self-deleting. The final payload downloads and executes popular cryptocurrency miners such as gminer, lolMiner or SRBMiner-MULTI, focusing on systems with high-performance GPUs for maximum efficiency. The malware recreates persistence if it is disrupted and terminates if it is detected by analysis tools such as Task Manager or Process Hacker.
Beyond cryptojacking for financial gain, the installed ScreenConnect provides attackers with long-term remote access, opening the door to data exfiltration, lateral movement or ransomware deployment. In an expert comment, Dr. Ilia Kolochenko, CEO at ImmuniWeb, highlighted the growing danger of such attacks. “Malicious manipulation of LLM and AI chatbot outputs is the next big thing - likely causing millions of high-profile security incidents and data breaches in the next 18 months,” he said.
Dr. Kolochenko noted that cybercriminals have manipulated search results and advertisements for nearly two decades, but large language models dramatically amplify the risk. “Most AI chatbot users trust AI output implicitly and click links without caution,” he explained. “Meanwhile, AI companies are at the nascent stage of defending against these attacks and, overwhelmed by other security issues, are unlikely to fix them soon.” He offered straightforward advice for users: “Whatever your favorite chatbot gives you as a link, think twice before clicking.”
Microsoft has detected and blocked much of the activity, describing it as a deliberate focus on high-value endpoints with powerful graphics processing units. The campaign illustrates how threat actors are adapting social engineering to modern user behavior by leveraging trusted AI tools.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information (CTI) via a notification/Tier I analysis service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please contact the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/7855487668891299929
[1] https://www.cybersecurityintelligence.com/blog/poisonous-ai-chatbot-cryptojacking-campaign-9419.html
Comments