Microsoft Bing's AI-enhanced search features have recently been abused in a search-poisoning campaign. According to reports, attackers are exploiting Bing AI's search recommendation mechanism to push fake OpenClaw installers hosted on GitHub to users searching for specific AI tools.
OpenClaw is a popular open-source AI agent. Because of its broad permissions, such as reading local files and integrating with email and various online services, it has become an "excellent platform" for attackers to steal sensitive information. Researchers at the security company Huntress found that the attackers gamed Bing AI's ranking by creating fake GitHub organizations and copying the real project's code, which earned their repositories high recommendation weight in search results.
For users of different operating systems, the attackers built separate "poisoning" schemes:
macOS users: Fake pages instruct the user to run a malicious script in the terminal, which downloads a keylogger called Atomic Stealer.
Windows users: They distribute a forged file named "OpenClaw_x64.exe", which silently runs the Vidar keylogger in memory to steal account data and also implants the GhostSocks malware, turning the computer into a proxy node for the attackers.
Researchers noted that this "search pollution" currently appears mainly on the Bing platform, and there is no evidence that Google Search has been similarly affected. Experts remind developers that when obtaining high-privilege AI tools they should only use official channels and avoid running scripts found through search recommendations without verifying them.
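A pre-install check a defender could automate, given here as an added example in Python rather than code from the report, Huntress, Bing or the OpenClaw project: it flags the two delivery patterns the article describes, a remote script piped straight into a shell and a prebuilt binary served from a GitHub organization that is not the official publisher. The page does not name OpenClaw's official GitHub organization, so OFFICIAL_GITHUB_ORGS holds a placeholder that must be replaced with the real one.

```python
import re
from urllib.parse import urlparse

# Placeholder: the GitHub organization(s) that officially publish the tool.
# Not given on the page; replace before use.
OFFICIAL_GITHUB_ORGS = {"OFFICIAL-ORG-PLACEHOLDER"}

URL_RE = re.compile(r"https?://[^\s'\"<>|)]+")
# "curl ... | bash" on macOS, "iwr ... | iex" / Invoke-Expression on Windows
PIPE_TO_SHELL_RE = re.compile(
    r"\|\s*(?:sudo\s+)?(?:bash|sh|zsh|iex)\b|Invoke-Expression", re.I)
ENCODED_RE = re.compile(
    r"base64\s+(?:-d|--decode)|FromBase64String|-EncodedCommand|\s-enc\s", re.I)
BINARY_EXTS = (".exe", ".msi", ".dmg", ".pkg", ".zip")
GITHUB_HOSTS = {"github.com", "raw.githubusercontent.com"}


def github_org(url):
    """Return the GitHub org/user owning a github.com or raw URL, else None."""
    p = urlparse(url)
    parts = [x for x in p.path.split("/") if x]
    if (p.hostname or "") in GITHUB_HOSTS and parts:
        return parts[0].lower()
    return None


def assess_install_command(cmd):
    """List the risk indicators found in a recommended install command.

    An empty list means the command only touches official GitHub orgs,
    fetches no prebuilt binary and does not pipe a download into a shell.
    """
    findings = []
    if PIPE_TO_SHELL_RE.search(cmd):
        findings.append("pipes a remote script straight into a shell")
    if ENCODED_RE.search(cmd):
        findings.append("uses an encoded or obfuscated command")
    official = {o.lower() for o in OFFICIAL_GITHUB_ORGS}
    for url in URL_RE.findall(cmd):
        org = github_org(url)
        if org is None:
            findings.append(f"download from non-GitHub host: {urlparse(url).hostname}")
        elif org not in official:
            findings.append(f"GitHub org '{org}' is not the official publisher")
        if url.lower().endswith(BINARY_EXTS):
            findings.append(f"prebuilt binary download: {url.rsplit('/', 1)[-1]}")
    return findings
```

Run the function over the install command shown on any page a search engine recommends before executing it; any non-empty result is a reason to go to the project's official channel instead.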
Key Points
🚨 AI Recommendation Compromised: Attackers forge projects on GitHub and manipulate ranking weights to mislead Bing AI into recommending malicious installers.
🕵️ High-Privilege Trap: By abusing OpenClaw's own system access privileges, attackers can easily obtain sensitive user data and take control of the device.
🛠️ Targeted Cross-Platform Attacks: Different keylogging programs have been deployed for Mac and Windows users, showing strong targeting and stealth.
