
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

thehackernews.com | 2026-05-27 | malicious AI use | High

What Happened

Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. "This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations," Microsoft Defender Experts and the Microsoft

Why It Matters

According to Microsoft, attackers are abusing AI chatbot recommendations to steer users to over 150 malicious lookalike software download domains that deliver cryptojacking and remote access malware rather than legitimate tools.[2][3] These campaigns extend classic SEO poisoning by effectively "poisoning" AI-assisted search, leading users who ask chatbots for download links to attacker-controlled sites distributing trojanized utilities via ZIP files and DLL sideloading.[2][3] From a CyberSE.AI perspective, this demonstrates that AI-assisted discovery and recommendation systems are now an active part of the attack surface, requiring organizations to threat-model LLM output as an untrusted channel, implement continuous AI red teaming to detect such recommendation abuse, and define governance policies for how AI-generated links are validated before user exposure.

Healthcare, Fintech, SaaS, SMB, AI startups

CyberSE Analysis

This signal maps to malicious AI use. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against affected workflows.
  • Document the owner, control gap, and remediation deadline for this risk class.
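
One way to implement the link validation described under Why It Matters, treating chatbot output as an untrusted channel. This is an added example, not code from Microsoft, the source article or CyberSE; the allowlisted domains, the sample text and all function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist: official download domains the organization has vetted.
ALLOWED = {"acmezip.example", "orbitplayer.example"}
URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.I)

def edit_distance(a, b):
    """Levenshtein distance, used to catch near-miss spellings of a brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_host(host):
    """Return 'allow', 'lookalike' or 'unknown' for one hostname."""
    host = host.lower().rstrip(".")
    if any(host == d or host.endswith("." + d) for d in ALLOWED):
        return "allow"
    if host.startswith("xn--") or ".xn--" in host or not host.isascii():
        return "lookalike"  # IDN host outside the allowlist: homoglyph risk
    for d in ALLOWED:
        brand = d.split(".")[0]  # assumes brand labels are long enough for distance 2
        for label in host.split("."):
            squashed = re.sub(r"[^a-z0-9]", "", label)
            if brand in squashed or edit_distance(squashed, brand) <= 2:
                return "lookalike"
    return "unknown"

def review_llm_output(text):
    """Extract every URL from chatbot text and classify its host."""
    results = []
    for raw in URL_RE.findall(text):
        url = raw.rstrip(".,;")  # drop sentence punctuation glued to the link
        results.append((url, classify_host(urlsplit(url).hostname or "")))
    return results

def safe_to_render(text):
    """Policy: show the answer only if every link is on the allowlist."""
    return all(verdict == "allow" for _, verdict in review_llm_output(text))
```

Links classified as `lookalike` are candidates for blocking and alerting, while `unknown` links can be routed to whatever review step the organization's policy defines.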

Source

https://thehackernews.com/2026/05/ai-chatbot-recommendations-redirect.html
