AI Chatbot Cryptojacking — SEO Poisoning, ScreenConnect, and GPU Mining at Scale

Microsoft warns of a cryptojacking campaign using AI chatbot recommendations to direct users to malicious download sites, deploying GPU miners and persistent ScreenConnect remote access.

Summary

Microsoft Defender Experts and the Microsoft Defender Security Research Team have identified an active cryptojacking campaign that uses AI chatbot interactions as a delivery mechanism for directing users to malicious download sites. The campaign represents an evolution of SEO poisoning beyond traditional search engines.

The attack chain works in stages. First, users searching for trusted system utilities — CrystalDiskInfo, HWMonitor, Display Driver Uninstaller, FurMark, K-Lite Codec Pack, PDFgear — encounter malicious sites served through SEO poisoning. In subsequent iterations observed in April 2026, users are directed to these sites not through search engine results but via AI chatbot recommendations: users querying LLM-based tools for software download recommendations are presented with links to attacker-controlled domains.

The malicious sites host ZIP archives on campaign-specific subdomains (over 150 identified). Each ZIP contains a legitimate executable alongside a rogue DLL (autorun.dll) that is sideloaded when the binary runs. That DLL then uses msiexec.exe to install a second malicious DLL (vcredist_x64.dll), which is actually a packaged installer for the ScreenConnect remote access software.

ScreenConnect provides persistent backdoor access, establishing continuous C2 contact to an attacker-controlled server. The ScreenConnect session then deploys SimpleRunPE.exe, which establishes persistence via Registry Run keys and scheduled tasks, configures Microsoft Defender exclusions, runs anti-analysis checks, and uses process hollowing to launch mining code under a trusted Microsoft-signed binary. Three miner programs are supported: gminer, lolMiner, and SRBMiner-MULTI.

The malware terminates mining processes if it detects Task Manager, Process Hacker, Process Explorer, or System Informer — a tell for users who suspect compromise.

Why It Matters

This campaign demonstrates AI-assisted delivery as a new vector that extends social engineering beyond conventional search results. By poisoning AI chatbot training data or manipulating the chatbot’s response generation, attackers turn trusted AI assistants into malware delivery mechanisms. The ScreenConnect component adds persistent remote access capabilities that can be leveraged for data theft, lateral movement, or ransomware — making this more than just a mining operation. For analysts, the targeting of GPU-rich systems suggests attackers are optimizing for mining yield, but the access they establish can be used for higher-value objectives.

Defender Takeaways

  • Implement software download policies that direct users to trusted, pre-approved internal or vendor sources.
  • Monitor for ScreenConnect installations that are not IT-managed — unexpected instances indicate compromise.
  • Search for SimpleRunPE.exe, unusual autorun.dll, or vcredist_x64.dll files outside expected locations.
  • Monitor for mining processes that exit as soon as Task Manager, Process Hacker, Process Explorer, or System Informer is launched; this is the miner's anti-analysis behavior described above.
  • Review AI chatbot usage policies — consider blocking LLM-based tools that may surface unverified software recommendations.
  • Track the 150+ malicious domains for emerging IOCs and block them at the web proxy/DNS level.
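The hunt items above and the anti-analysis tell from the Summary (a miner that stops when a process-monitoring tool appears), turned into runnable detection logic. This is an added example, not code from Microsoft or The Hacker News. It runs over constructed, Sysmon-style telemetry records whose field names are assumptions; the hosts, paths, timestamps, ScreenConnect instance ids, the allowlist of IT-deployed instances and the name of the hollowed signed host binary (which the report does not give) are all made up. Only the file and tool names come from the report.

```python
"""Hunt rules for the sideload -> ScreenConnect -> GPU-miner chain (added example)."""
import re
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# File and tool names from the report; everything else in this module is constructed.
SUSPECT_FILES = {"autorun.dll", "vcredist_x64.dll", "simplerunpe.exe"}
MONITOR_TOOLS = {"taskmgr.exe", "processhacker.exe", "procexp.exe", "procexp64.exe",
                 "systeminformer.exe"}
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")
DEFENDER_EXCL_KEY = "hklm\\software\\microsoft\\windows defender\\exclusions\\"
# Assumption: IT keeps an allowlist of the ScreenConnect instance ids it actually deployed.
MANAGED_SCREENCONNECT_IDS = {"it-managed-0001"}
TOOL_WINDOW = timedelta(seconds=5)  # how soon after a tool launch a miner exit counts as a tell

# Constructed telemetry: one compromised host (ws01) and one clean host (ws02).
SAMPLE_EVENTS = [
    {"ts": "2026-04-10T09:00:00", "type": "process", "host": "ws01",
     "image": r"C:\Users\alice\Downloads\CrystalDiskInfo\CrystalDiskInfo.exe",
     "loaded": [r"C:\Users\alice\Downloads\CrystalDiskInfo\autorun.dll"]},
    {"ts": "2026-04-10T09:00:05", "type": "process", "host": "ws01",
     "image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": r'msiexec.exe /i "C:\Users\alice\AppData\Local\Temp\vcredist_x64.dll" /qn'},
    {"ts": "2026-04-10T09:00:20", "type": "process", "host": "ws01",
     "image": r"C:\Program Files (x86)\ScreenConnect Client (f00dbabe)\ScreenConnect.ClientService.exe"},
    {"ts": "2026-04-10T09:02:00", "type": "registry", "host": "ws01",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths", "value": r"C:\ProgramData\gpu"},
    {"ts": "2026-04-10T09:02:10", "type": "process", "host": "ws01",
     "image": r"C:\ProgramData\gpu\SimpleRunPE.exe"},
    {"ts": "2026-04-10T09:30:00", "type": "process", "host": "ws01",
     "image": r"C:\Windows\System32\Taskmgr.exe"},
    {"ts": "2026-04-10T09:30:02", "type": "process_end", "host": "ws01",
     "image": r"C:\Windows\System32\signed_host_placeholder.exe",  # placeholder: hollowed host not named in report
     "parent": r"C:\ProgramData\gpu\SimpleRunPE.exe"},
    {"ts": "2026-04-10T10:00:00", "type": "process", "host": "ws02",
     "image": r"C:\Program Files (x86)\ScreenConnect Client (it-managed-0001)\ScreenConnect.ClientService.exe"},
]


def _name(path):
    return PureWindowsPath(path).name.lower()


def _in_user_writable(path):
    return path.lower().startswith(USER_WRITABLE)


def _finding(host, rule, detail):
    return {"host": host, "rule": rule, "detail": detail}


def hunt(events):
    """Run every rule over the events and return a list of {host, rule, detail} findings."""
    findings = []
    tool_starts = []  # (timestamp, host) of analysis-tool launches, used by the last rule
    for e in sorted(events, key=lambda ev: ev["ts"]):
        host, kind, image = e["host"], e["type"], e.get("image", "")
        name, ts = _name(image), datetime.fromisoformat(e["ts"])
        if kind == "process":
            # Rule 1: autorun.dll sideloaded from the executable's own user-writable folder
            for dll in e.get("loaded", []):
                if (_name(dll) == "autorun.dll" and _in_user_writable(dll)
                        and PureWindowsPath(dll).parent == PureWindowsPath(image).parent):
                    findings.append(_finding(host, "dll_sideload", f"{image} loaded {dll}"))
            # Rule 2: msiexec asked to install a package named like a DLL
            if name == "msiexec.exe":
                m = re.search(r'/i\s+"?([^"]*?\.dll)\b', e.get("cmdline", ""), re.I)
                if m:
                    findings.append(_finding(host, "msiexec_dll_install", m.group(1)))
            # Rule 3: known chain file names running from user-writable locations
            if name in SUSPECT_FILES and _in_user_writable(image):
                findings.append(_finding(host, "chain_artifact", image))
            # Rule 4: ScreenConnect client whose instance id IT did not deploy
            if name.startswith("screenconnect."):
                m = re.search(r"screenconnect client \(([^)]+)\)", image, re.I)
                inst = m.group(1) if m else "unknown"
                if inst not in MANAGED_SCREENCONNECT_IDS:
                    findings.append(_finding(host, "unmanaged_screenconnect", f"instance {inst}"))
            if name in MONITOR_TOOLS:
                tool_starts.append((ts, host))
        elif kind == "registry":
            # Rule 5: a Defender exclusion being written
            if e["key"].lower().startswith(DEFENDER_EXCL_KEY):
                findings.append(_finding(host, "defender_exclusion", f"{e['key']} -> {e.get('value')}"))
        elif kind == "process_end":
            # Rule 6: a child of SimpleRunPE.exe exits right after a monitoring tool starts
            if _name(e.get("parent", "")) == "simplerunpe.exe" and any(
                    h == host and timedelta(0) <= ts - t <= TOOL_WINDOW for t, h in tool_starts):
                findings.append(_finding(host, "miner_hides_from_tool", image))
    return findings


if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS):
        print(f"{f['host']}  {f['rule']:<24} {f['detail']}")
```

Each rule maps to one bullet above, and all six fire on the constructed ws01 timeline while the IT-deployed ScreenConnect instance on ws02 stays quiet. Rule 6 is the one to tune in production: the five-second window and the parent-process check keep it from flagging every process that happens to exit while Task Manager is open.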

Source

Title: AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites — The Hacker News/Microsoft
URL: https://thehackernews.com/2026/05/ai-chatbot-recommendations-redirect.html