Recent reports from researchers, via BleepingComputer, reveal that Microsoft’s Bing AI search is recommending malicious GitHub repositories. These fake projects mimic OpenClaw to trick users into downloading data-stealing malware.
Key Details:
- Target Systems: Both Windows and macOS users are at risk.
- Objective: The malware is designed to steal sensitive data from infected computers.
- The Tactic: Hackers created repositories with legitimate-looking features to "poison" AI search results. Merely hosting the code on GitHub was enough for Bing AI to suggest these links to users.
- Current Status: While the repositories have been reported to GitHub, it is currently unclear if all malicious links have been fully removed.
How to Stay Safe:
- Verify the Author: Always check the reputation and history of a GitHub repository creator before downloading.
- Cross-Reference Links: Do not rely solely on AI-generated suggestions for software downloads.
- Check Official Sources: Use official project websites or verified documentation to find download links.
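
The cross-referencing steps above can be made mechanical. The following is an added example, not code from the report or from any project it mentions: it compares a link suggested by a search assistant against repository names copied by hand from a project's official site. The owner and repository names are constructed placeholders, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Assumption: these (owner, repo) pairs were copied by hand from the project's
# official website or documentation. The values here are constructed placeholders.
OFFICIAL_REPOS = {("example-org", "example-project")}
GITHUB_HOSTS = {"github.com", "www.github.com"}


def parse_github_repo(url):
    """Return (owner, repo) in lowercase for an https github.com repo URL, else None."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    # Reject non-https links and URLs that hide the real host behind userinfo,
    # e.g. https://github.com@other-host/...
    if parts.scheme != "https" or parts.username or parts.password:
        return None
    if (parts.hostname or "").lower() not in GITHUB_HOSTS:
        return None
    segments = [s for s in parts.path.split("/") if s]
    if len(segments) < 2:
        return None
    # GitHub owner and repository names are case-insensitive.
    owner, repo = segments[0].lower(), segments[1].lower()
    if repo.endswith(".git"):
        repo = repo[:-4]
    return owner, repo


def check_suggested_link(url, official=OFFICIAL_REPOS):
    """Classify a suggested download link against the hand-verified list."""
    parsed = parse_github_repo(url)
    if parsed is None:
        return "reject: not an https github.com repository URL"
    if parsed in official:
        return "ok: matches official repository"
    # Being hosted on GitHub proves nothing: a copy of the project under a
    # different account has the right repository name but the wrong owner.
    if any(parsed[1] == repo for _, repo in official):
        return "reject: project name under an unofficial owner"
    return "reject: not a known official repository"
```

A link is accepted only when both the owner and the repository name match the hand-verified list; a familiar project name on github.com is not sufficient on its own.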


