Skip to main content

Malware is spreading through Google Bard ads — here’s how to avoid them

As the public adjusts to trusting artificial intelligence, there also brews a perfect environment for hackers to trap internet users into downloading malware.

The latest target is the Google Bard chatbot, which is being used as a decoy for those online to unknowingly click ads that are infected with nefarious code. The ads are styled as if they are promoting Google Bard, making them seem safe. However, once clicked on, users will be directed to a malware-ridden webpage instead of an official Google page.

Malware posing as a Google Bard ad.
ESET Research / ESET Research

Security researchers at ESET first observed the discrepancies in the ads, which include several grammar and spelling errors in the copy, as well as a writing style that is not up to par with Google’s standard, according to TechRadar.

The ad directs users to the webpage of a Dublin-based firm called instead of a Google-hosted domain, where you would actually learn more about the Bard chatbot. Researchers have not confirmed, but have noted and warned that accessing such pages while being logged into browser accounts could leave your private data susceptible to being hacked.

Additionally, the ad includes a download button, which when accessed downloads a file that appears as a personal Google Drive space; however, it is actually a confirmed malware called GoogleAIUpdate.rar.

ESET researcher, Thomas Uhlemann noted as of Monday, the “campaign was still visible in different variations.”

He added this is one of the larger cyberattacks of its kind he has seen, some including fake ads for meta AI or different Google AI dupe marketing.

Bard is currently the biggest competition of OpenAI’s ChatGPT chatbot. ChatGPT experienced a similar cyberattack in late February when an info-stealing malware called Redline was observed by Security researcher Dominic Alvieri. The malware was hosted on the website, which featured ChatGPT branding and was being advertised on a Facebook page as a legitimate OpenAI link to persuade people into accessing the infected site.

Alvieri also found fake ChatGPT apps on Google Play and various other third-party Android app stores, which could send malware to devices if downloaded.

ChatGPT has been a major target of bad actors, especially since it introduced its $20 monthly ChatGPT Plus tier in early February. Bad actors have even gone as far as using the chatbot to create malware. However, this is a rigged version of OpenAI’s GPT-3 API that was programmed to generate malicious content, such as text that can be used for phishing emails and malware scripts.

Editors' Recommendations

Fionna Agomuoh
Fionna Agomuoh is a technology journalist with over a decade of experience writing about various consumer electronics topics…
Double-check that job posting — hackers are spreading malware through them
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

A new phishing scam has surfaced that is showing how sophisticated bad actors are becoming in tricking unsuspecting victims into giving up their personal information.

The latest cyberattack is centered around the job listing website, Indeed. Hackers send out an email spoofing an employment opportunity from the website. Once you click the link, it will send you to a Microsoft 365 login page to enter your credentials. From here you're not suspecting anything unscrupulous, but the next time you attempt to log into your Microsoft 365 account, you will find that not only are you getting an error message that the information is incorrect, but that your account is no longer available.

Read more
Bing Chat’s ads are sending users to dangerous malware sites
Bing Chat shown on a laptop.

Since it launched, Microsoft’s Bing Chat has been generating headlines left, right, and center -- and not all of them have been positive. Now, there’s a new headache for the artificial intelligence (AI) chatbot, as it’s been found it has a tendency to send you to malware websites that can infect your PC.

The discovery was made by antivirus firm Malwarebytes, which discussed the incident in a blog post. According to the company, Bing Chat is displaying malware advertisements that send users to malicious websites instead of filtering them out.

Read more
This is how Google Docs is challenging Grammarly’s AI
Google presenting new Docs features.

Google announced a full suite of artificial intelligence enhancements for Workspace at its IO event in May. Now, those advanced features are available as Google Duet, and one stands out as a threat to Grammarly's dominance in AI proofreading.

Google Proofread goes much further than the usual spelling and grammar check that's part of Google Docs. It suggests alternate wording to match the context of the document, listing dynamic or formal alternatives.

Read more