Attackers Weaponize AI Chatbot Trust to Hijack GPUs and Mine Crypto

SecurityXP Editorial Desk

Microsoft has spotted something new. Attackers are manipulating SEO rankings and AI chatbot recommendations to push fake utilities onto users who trust what the AI tells them. It is social engineering, but the bait is not an email. It is a chatbot suggestion.

How the Bait Works

Victims search for legitimate tools like CrystalDiskInfo or PDFgear. They find poisoned search results or AI-generated suggestions pointing to malicious downloads. The fake installers look real. They are not.

Once executed, the installers compromise the endpoint and establish persistent remote access through abused ConnectWise ScreenConnect instances. Then attackers deploy a specialized binary that performs process hollowing against trusted Microsoft .NET processes, hiding malicious activity inside legitimate system executables. The hijacked machines get repurposed to run cryptocurrency miners built specifically for high-performance GPUs. Your graphics card is now making money for someone else.

A Decade-Old Trojan Won’t Quit

While Microsoft tracked the chatbot poisoning scheme, WatchGuard researchers observed a separate Grandoreiro malware campaign hitting financial institutions across Portugal and Latin America. The banking trojan has been active for roughly a decade despite law enforcement pressure. It now abuses DLL side-loading techniques across four legitimate software applications to evade detection.

Grandoreiro keeps finding new footholds, particularly in regions where financial infrastructure security maturity varies. Old malware does not die. It adapts.

The AI Trust Problem

This marks a notable evolution in search engine poisoning. Threat actors are not just manipulating Google rankings anymore. They are exploiting trust in generative AI tools, a vector most organizations have not even added to their security awareness programs.

SOC teams are racing to deploy AI co-pilots and agentic tools for defense. Attackers are already using the same technology surface against them. Threat models must expand beyond traditional phishing to include AI-assisted social engineering at scale. Most defenses are not ready.

What to Watch For

Security teams should treat AI chatbot recommendations as an untrusted source for software downloads. Reinforce that through user awareness training. Endpoint detection rules should flag unauthorized ScreenConnect installations and anomalous .NET process behavior, especially unexpected GPU utilization spikes.
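One way to express those two endpoint rules as triage logic over process telemetry, as an added example that is not from Microsoft's report or from this article. The event field names, the approved relay host, the list of watched .NET binaries, the GPU threshold and the sample events are all assumptions constructed for illustration.

```python
import re

# Assumptions for this added example (none come from the article): the event
# field names, the approved relay host, the watched .NET binaries, the GPU
# threshold, and that the relay appears as h=<host> in the client command line.
APPROVED_RELAYS = {"support.corp.example"}
DOTNET_HOSTS = {"regasm.exe", "msbuild.exe", "installutil.exe"}
GPU_PCT_THRESHOLD = 60

SAMPLE_EVENTS = [  # constructed process telemetry
    {"host": "ws-014", "gpu_pct": 0,
     "image": r"C:\Program Files (x86)\ScreenConnect Client (abc123)\ScreenConnect.ClientService.exe",
     "cmdline": '"ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=relay.unknown.example&p=443"'},
    {"host": "ws-014", "gpu_pct": 97, "cmdline": "RegAsm.exe",
     "image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"},
    {"host": "ws-020", "gpu_pct": 0,
     "image": r"C:\Program Files (x86)\ScreenConnect Client (def456)\ScreenConnect.ClientService.exe",
     "cmdline": '"ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=support.corp.example&p=443"'},
    {"host": "ws-031", "gpu_pct": 2, "cmdline": "MSBuild.exe app.sln",
     "image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe"},
    {"host": "ws-044", "gpu_pct": 88, "cmdline": "InstallUtil.exe",
     "image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe"},
]

def relay_host(cmdline):
    """Extract the relay host (h= parameter) from a ScreenConnect client command line."""
    m = re.search(r'[?&]h=([^&"\s]+)', cmdline)
    return m.group(1).lower() if m else None

def triage(events):
    """Return {host: (severity, findings)}; both signals on one host rate 'high'."""
    hits = {}
    for ev in events:
        image = ev["image"].replace("\\", "/").rsplit("/", 1)[-1].lower()
        if image == "screenconnect.clientservice.exe":
            relay = relay_host(ev["cmdline"])
            if relay not in APPROVED_RELAYS:  # a missing relay is also flagged
                hits.setdefault(ev["host"], set()).add(f"unapproved-screenconnect:{relay or 'unknown'}")
        elif image in DOTNET_HOSTS and ev.get("gpu_pct", 0) >= GPU_PCT_THRESHOLD:
            hits.setdefault(ev["host"], set()).add(f"dotnet-gpu-spike:{image}")
    report = {}
    for host, found in hits.items():
        kinds = {f.split(":", 1)[0] for f in found}
        report[host] = ("high" if len(kinds) == 2 else "medium", sorted(found))
    return report

if __name__ == "__main__":
    for host, (severity, found) in sorted(triage(SAMPLE_EVENTS).items()):
        print(host, severity, found)
```

A host that shows both an unapproved ScreenConnect client and a GPU-heavy .NET process matches the chain described above and is rated higher than either signal alone.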

Financial institutions in Portugal and Latin America should prioritize hardening against DLL side-loading and monitor for Grandoreiro indicators of compromise. The convergence of SEO manipulation and AI abuse is here. Defenders need to catch up.

Sources

  1. https://www.microsoft.com/en-us/security/blog/
  2. https://www.watchguard.com/wgrd-security-hub/secplicity-blog