
"Cybersecurity researchers warn that AI assistants with web access could play a new role in malware campaigns. Instead of connecting directly to a command-and-control server, attackers can use AI platforms as an intermediary for communication, making malicious traffic less likely to be detected. Research by security company Check Point shows that AI assistants such as Grok and Microsoft Copilot can be misused to transport commands and data between an infected system and an attacker's infrastructure."
"In the proof of concept developed by the researchers, malware does not communicate directly with an external server, but with an AI assistant via a web interface. The malware instructs the AI to retrieve a specific URL controlled by the attacker. The page contains hidden instructions that the AI processes and returns in a response. The malware reads this response and extracts the actual commands or configurations from it."
"For this approach, the researchers use WebView2, a component in Windows 11 that allows web content to be displayed within an application without a full browser. Even if WebView2 is not present on the target system, according to Check Point, it can still be included in the malware. The researchers built a C++ application that opens a WebView to Grok or Copilot, enabling interaction with the AI."
AI assistants with web access can serve as intermediaries for malware command-and-control, enabling infected systems to communicate through AI platforms instead of direct external servers. Malware can instruct an AI assistant via a web interface to fetch attacker-controlled URLs containing hidden instructions; the AI summarizes the page and returns content that the malware parses to extract commands or configurations. The technique can use WebView2 to embed a web interface within an application, and malware can bundle WebView2 if absent. Traffic routed through reputable AI services can bypass existing filters and does not require attacker accounts or API keys, complicating mitigation.
Read at Techzine Global
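A defender-side illustration of the pattern summarized above, added here and not taken from the article or from Check Point's research: it flags WebView2 runtime processes (msedgewebview2.exe) that contact AI-assistant hosts on behalf of an application outside an allowlist. The telemetry layout, the hostnames, the allowlist and every sample event are assumptions constructed for the example.

```python
import ntpath

WEBVIEW = "msedgewebview2.exe"                    # WebView2 Runtime process name
AI_HOSTS = {"grok.com", "copilot.microsoft.com"}  # assumed hostnames, not from the article
APPROVED_APPS = {"chatclient.exe"}                # hypothetical allowlist of embedding apps

# Constructed sample telemetry (not real logs): pid -> (image path, parent pid)
PROCS = {
    100: (r"C:\Program Files\Contoso\chatclient.exe", 4),
    110: (r"C:\Program Files (x86)\Microsoft\EdgeWebView\msedgewebview2.exe", 100),
    111: (r"C:\Program Files (x86)\Microsoft\EdgeWebView\msedgewebview2.exe", 110),
    200: (r"C:\Users\u\AppData\Local\Temp\updater.exe", 4),
    210: (r"C:\Users\u\AppData\Local\Temp\wv\msedgewebview2.exe", 200),  # bundled copy
    211: (r"C:\Users\u\AppData\Local\Temp\wv\msedgewebview2.exe", 210),
    311: (r"C:\Users\u\AppData\Local\Temp\wv\msedgewebview2.exe", 999),  # parent not logged
}
NET = [  # constructed outbound connection events
    {"pid": 111, "host": "copilot.microsoft.com"},
    {"pid": 211, "host": "grok.com"},
    {"pid": 211, "host": "example.org"},
    {"pid": 311, "host": "copilot.microsoft.com"},
]

def is_ai_host(host):
    host = host.lower().rstrip(".")
    return any(host == h or host.endswith("." + h) for h in AI_HOSTS)

def embedding_app(pid, procs):
    """Walk up past WebView2 helper processes to the application embedding them."""
    seen = set()
    while pid in procs and pid not in seen:   # 'seen' guards against pid-reuse loops
        seen.add(pid)
        image, ppid = procs[pid]
        name = ntpath.basename(image).lower()
        if name != WEBVIEW:
            return name
        pid = ppid
    return None                               # ancestry missing or looped

def flag(net_events, procs):
    """Return (embedding app, host) for WebView2 -> AI traffic from unapproved apps."""
    hits = []
    for ev in net_events:
        image = procs.get(ev["pid"], ("", 0))[0]
        if ntpath.basename(image).lower() != WEBVIEW or not is_ai_host(ev["host"]):
            continue
        app = embedding_app(ev["pid"], procs)
        if app not in APPROVED_APPS:          # unknown ancestry is flagged too
            hits.append((app or "unknown", ev["host"]))
    return hits
```

Events whose process ancestry cannot be resolved are reported as "unknown" rather than dropped, since a missing parent is itself worth a look.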