AI Chatbot Recommendations Abused to Spread Cryptojacking Malware

Thumbnail Image

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

Cybercriminals have manipulated AI chatbot responses to direct users seeking popular PC utilities to malicious download sites, resulting in malware infections that hijack high-performance GPUs for unauthorized cryptocurrency mining. Microsoft researchers identified this targeted campaign, which exploits both SEO and AI-generated recommendations, causing harm through resource theft and system compromise.[AI generated]

Why's our monitor labelling this an incident or hazard?

The article explicitly mentions AI chatbots recommending malicious links, which users follow, resulting in malware installation and cryptojacking. The AI system's role in recommending these spoofed sites is pivotal to the harm occurring. The harm includes injury to users' property (their devices) and harm to communities (through cryptojacking and malware spread). Therefore, this qualifies as an AI Incident under the framework definitions.[AI generated]
AI principles
Robustness & digital securitySafety
Industries
Digital security
Affected stakeholders
Consumers
Harm types
Economic/Property
Severity
AI incident
AI system task:
Interaction support/chatbotsOrganisation/recommenders

Articles about this incident or hazard

Thumbnail Image

'Threat actors are adapting social engineering and monetization strategies to modern user behavior': Microsoft warns AI chatbots may be sending victims to malicious websites -- so be on your guard when clicking

2026-05-27
TechRadar
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions AI chatbots recommending malicious links, which users follow, resulting in malware installation and cryptojacking. The AI system's role in recommending these spoofed sites is pivotal to the harm occurring. The harm includes injury to users' property (their devices) and harm to communities (through cryptojacking and malware spread). Therefore, this qualifies as an AI Incident under the framework definitions.
Thumbnail Image

Microsoft Warns of Sneaky Crypto Miner Threat Targeting High-End PC Users - U.Today

2026-05-27
u.today
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions that threat actors poison AI chatbot results (LLM outputs) to deceive users into downloading malware. This is a direct misuse of an AI system's outputs leading to harm (cryptojacking and unauthorized use of hardware). The harm is realized as users' GPUs are hijacked and their systems compromised. Hence, this qualifies as an AI Incident due to the direct link between AI system misuse and harm to property and user security.
Thumbnail Image

Microsoft Warns of GPU Cryptojacking Campaign Spread Through AI Chatbot Links

2026-05-28
Windows Report | Error-free Tech Life
Why's our monitor labelling this an incident or hazard?
The event explicitly mentions AI-generated chatbot responses being manipulated to direct users to attacker-controlled domains hosting malicious software. This indicates the involvement of an AI system in the distribution vector of the malware. The malware infection causes harm by hijacking users' GPUs for cryptomining, which constitutes harm to property and unauthorized use of resources. Therefore, the event meets the criteria for an AI Incident because the AI system's use has directly led to realized harm through malware infection and cryptojacking.
Thumbnail Image

Cybercriminals Exploit AI Chatbots in Sophisticated Social Engineering Attacks

2026-05-29
WebProNews
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions AI chatbots being compromised or manipulated to deliver malicious links and content that lead to malware infections, credential theft, and financial scams. These outcomes constitute direct harm to individuals and communities, fulfilling the criteria for an AI Incident. The AI systems' use and malfunction (compromise) are central to the harm. The detailed examples of active campaigns and observed attacks confirm that harm is occurring, not merely a plausible future risk. Therefore, this event qualifies as an AI Incident rather than a hazard or complementary information.
Thumbnail Image

Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links

2026-05-27
Cyber Security News
Why's our monitor labelling this an incident or hazard?
The article explicitly states that AI chatbots (LLM-based) are manipulated to provide malicious software download links, which users follow, resulting in malware infections and subsequent harms such as cryptojacking and unauthorized remote access. This constitutes direct harm caused by the AI system's outputs being exploited, fulfilling the criteria for an AI Incident. The harm is realized, not just potential, and the AI system's misuse is pivotal in the attack's success.
Thumbnail Image

Microsoft Warns High-End PC Users of Stealth Crypto Mining Malware - Crypto Economy

2026-05-27
Crypto Economy
Why's our monitor labelling this an incident or hazard?
The event involves AI systems in the form of AI-generated chatbot recommendations that are manipulated to distribute malware. The malware causes harm by unauthorized use of computing resources and persistent unauthorized access, which constitutes harm to property and user rights. Since the AI system's use directly leads to harm (malware installation and resource hijacking), this qualifies as an AI Incident under the definitions provided.