Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities


Through the use of.NET single-file deployment tactics, a new malware strain known as BundleBot has been quietly operating under the surface and allowing threat actors to steal sensitive data from affected PCs. Some of these websites impersonate Google Bard, the company’s conversational generative AI chatbot, in an effort to trick users into downloading a fake RAR package (“Google_AI.rar”) that is actually hosted on reputable cloud storage services like Dropbox.

In a report released this week, Check Point stated that “BundleBot is abusing the dotnet bundle (single-file), self-contained format that results in very low or no static detection at all.” The company added that it is “commonly distributed via Facebook Ads and compromised accounts leading to websites masquerading as regular programme utilities, AI tools, and games.”

Read More…