Microsoft uncovers cryptojacking campaign using SEO poisoning and AI chatbots to target high-GPU users via fake utility downloads
Summary
Microsoft Defender Experts identified an active cryptojacking campaign that uses SEO poisoning and AI chatbot manipulation to distribute malware disguised as popular system utilities (CrystalDiskInfo, HWMonitor, DDU, FurMark, K-Lite Codec Pack, PDFgear). The campaign targets users with high-performance GPUs by surfacing malicious download sites through both traditional search engine results and AI chatbot recommendations. The attack abuses ScreenConnect remote access and Microsoft .NET utilities to deploy cryptocurrency miners on compromised systems.
Key quotes
Microsoft Defender Experts identified an active cryptojacking campaign in which malicious download sites are surfaced not only through traditional search engine poisoning, but also through AI chatbot interactions.
This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations.
The campaign impersonates trusted system utilities including CrystalDiskInfo, HWMonitor, Display Driver Uninstaller, FurMark, K-Lite Codec Pack, and PDFgear to target users likely to own high-performance GPUs.
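The practical defence against fake utility downloads of the kind described in the summary is to trust a download only when it comes from the vendor's own host and its hash matches the value the vendor publishes; a lookalike domain surfaced by a poisoned search result or a chatbot answer fails the first check, and a tampered binary on an otherwise legitimate host fails the second. The following Python is an added example, not code from Microsoft or from the article; the vendor host allowlist is an assumption to be confirmed against each vendor's site, and the file contents and "published" hashes are constructed inline so the script runs offline.

```python
import hashlib
from urllib.parse import urlparse

# Assumed official download hosts for the impersonated utilities.
# Confirm these against the vendors before relying on them.
OFFICIAL_HOSTS = {
    "CrystalDiskInfo": {"crystalmark.info"},
    "HWMonitor": {"cpuid.com"},
    "Display Driver Uninstaller": {"wagnardsoft.com"},
    "FurMark": {"geeks3d.com"},
    "K-Lite Codec Pack": {"codecguide.com"},
    "PDFgear": {"pdfgear.com"},
}


def host_is_official(url: str, product: str) -> bool:
    """True only if the URL's host is the vendor domain or a subdomain of it.

    A suffix match on the bare string would accept "cpuid.com.lookalike.example",
    so the comparison requires either an exact match or a "." boundary.
    """
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    for official in OFFICIAL_HOSTS.get(product, ()):
        if host == official or host.endswith("." + official):
            return True
    return False


def verify_download(product: str, url: str, data: bytes, published_sha256: str):
    """Return (ok, reason). Both the source host and the file hash must check out."""
    if not host_is_official(url, product):
        return False, "untrusted host"
    actual = hashlib.sha256(data).hexdigest()
    if actual != published_sha256.lower():
        return False, "hash mismatch"
    return True, "ok"


# Constructed sample data: a stand-in for the genuine installer bytes and a
# stand-in for a tampered copy. The "published" hash is derived from the
# genuine sample so the example is self-contained.
GENUINE_BYTES = b"HWMonitor installer (constructed sample)"
TAMPERED_BYTES = b"HWMonitor installer (constructed sample) + miner dropper"
PUBLISHED_SHA256 = hashlib.sha256(GENUINE_BYTES).hexdigest()


def run_examples():
    """Exercise the three outcomes a defender cares about."""
    return {
        "official_host_good_file": verify_download(
            "HWMonitor", "https://download.cpuid.com/hwmonitor.zip",
            GENUINE_BYTES, PUBLISHED_SHA256),
        "lookalike_host": verify_download(
            "HWMonitor", "https://cpuid.com.lookalike.example/hwmonitor.zip",
            GENUINE_BYTES, PUBLISHED_SHA256),
        "official_host_tampered_file": verify_download(
            "HWMonitor", "https://download.cpuid.com/hwmonitor.zip",
            TAMPERED_BYTES, PUBLISHED_SHA256),
    }


if __name__ == "__main__":
    for name, result in run_examples().items():
        print(f"{name}: {result}")
```

The lookalike case is the one this campaign relies on: the file may even be byte-identical to the real utility when bundled with a remote-access client, so the host check has to be a proper domain-boundary match rather than a substring test. The tampered-file case covers the other failure mode, where the host is legitimate but the artifact is not.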