AI Chatbots Are Sending Users Straight to Cryptojacking Malware
If you ask an AI chatbot to recommend a useful tool or service and it helpfully provides a link, you might want to think twice before clicking. Security researchers have identified a pattern where chatbot recommendations are directing users toward sites hosting cryptojacking malware, software designed to quietly hijack your hardware and mine cryptocurrency for someone else's benefit.
This isn't a case of chatbots being hacked mid-conversation. The more mundane explanation is that these systems are trained on web data that already contains poisoned content, SEO-gamed pages, or outright malicious links dressed up to look legitimate. The models don't know the difference between a trustworthy source and a cybercriminal's landing page. They just pattern-match and serve up whatever scored well in training.
Cryptojacking sits in a weird middle ground of cybercrime. It's not as dramatic as ransomware and doesn't make headlines the same way. But it's persistent, it's profitable, and most victims never notice until their electricity bill climbs or their machine starts sounding like a jet engine. Embedding malware distribution into AI recommendation flows is a reasonably clever escalation.
The broader issue here is that AI tools are increasingly treated as authoritative. People follow chatbot suggestions with a level of trust they probably wouldn't extend to a random search result. Attackers are aware of this. Poisoning the inputs or gaming the outputs of these systems is a natural next step for anyone running a malware distribution operation.
This is the kind of threat that doesn't require breaking any AI infrastructure directly. It just requires understanding how these models behave and nudging the surrounding ecosystem accordingly. Defending against it means treating AI-generated recommendations with the same scepticism you'd apply anywhere else online.