"Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities"

A new malware strain called BundleBot uses .NET single-file deployment techniques to operate under the radar, allowing threat actors to steal sensitive data from compromised hosts. Researchers at Check Point noted that BundleBot abuses the dotnet bundle (single-file), self-contained format, which results in very low or no static detection. According to the researchers, BundleBot is commonly distributed through Facebook Ads and compromised accounts that lead to websites masquerading as regular program utilities, Artificial Intelligence (AI) tools, and games. Some of these websites attempt to mimic Google Bard, the company's generative AI chatbot, in order to lure victims into downloading a bogus RAR archive hosted on legitimate cloud storage services such as Dropbox. This article continues to discuss findings regarding the new BundleBot malware strain.

THN reports "Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities"

Submitted by Anonymous on