According to IT House on September 29, Microsoft began embedding advertising content in Bing chat in March this year in order to generate revenue to keep the project running. But it also opens the door for malware.Many media and users reported that the link to guide the jump contained malware in the chat content.
Microsoft will mark "Ad" ads on links in Bing chat, but in actual chat scenarios, users usually don't pay much attention to them, and some of the ads will lead to malicious software sites.
A sample of malware found by security company Malwarebytes, disguised as the mainstream "Advanced IP Scanner" utility, mentions the keyword in Bing chat and displays a malicious download link in the first link.
The malicious advertising campaign was created by a hacker who hacked into the advertising account of a legitimate Australian company and created two malicious ads aimed at system administrators (IP scanners) and lawyers (MyCase legal managers).
Clicking on a malicious advertisement in the IP scanner will take the user to a website (mynetfolderip [.]. CFD) to distinguish between robots, reptiles and human victims by checking the IP address, time zone, and various system indicators of sandboxie / virtual machine.
The victim will be redirected to advenced-ip-scanner [.]. Com website, which is a phishing website of Advanced IP Scanner.
The downloaded MSI installer contains three files, one of which is a highly confusing malicious script that connects to an external resource to retrieve the payload.
The link to the original text of the report is attached to IT House, which can be read in depth by interested users.
Advertisement statement: the external jump links (including not limited to hyperlinks, QR codes, passwords, etc.) contained in the text are used to transmit more information and save selection time. The results are for reference only. All articles of IT House contain this statement.