Microsoft warns of an active cryptojacking campaign where threat actors use poisoned search engine results and AI chatbot interactions to direct users to malicious download sites impersonating legitimate hardware and utility software tools like CrystalDiskInfo and HWMonitor. The attack vector involves social engineering to trick users into downloading malware that performs cryptojacking. No specific software vulnerability, CVSS score, or patch is detailed; the primary mitigation is user awareness and caution when downloading software from search results or chatbot recommendations.
Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking campaign, Microsoft has warned. The campaign impersonates legitimate software tools such as CrystalDiskInfo, HWMonitor, Display Driver Uninstaller (DDU), FurMark, K-Lite Codec Pack, and PDFgear. Screenshot of search engine results showing a malicious source of hwmonitor (Source: Microsoft) “The selection of these brands is deliberate. Each application is favored by PC enthusiasts and hardware-focused users, … More → The post AI chatbot recommendations lure users to cryptojacking malware sites appeared first on Help Net Security .