Daily Guardian UAEDaily Guardian UAE
  • Home
  • UAE
  • What’s On
  • Business
  • World
  • Entertainment
  • Lifestyle
  • Sports
  • Technology
  • Travel
  • Web Stories
  • More
    • Editor’s Picks
    • Press Release
What's On

The iPhone 18 Pro Max camera could open and close like a real lens for better portraits

July 18, 2026

Every app on my phone has decided I need AI, and none of them bothered to ask

July 18, 2026

New open-weight AI from China is toppling the best of OpenAI and Claude Fable

July 18, 2026

HP fined millions of dollars for acting like a cartel over ink and PCs

July 18, 2026

Shopping for Back-to-school? These are the gaming laptops I’d recommend

July 18, 2026
Facebook X (Twitter) Instagram
Finance Pro
Facebook X (Twitter) Instagram
Daily Guardian UAE
Subscribe
  • Home
  • UAE
  • What’s On
  • Business
  • World
  • Entertainment
  • Lifestyle
  • Sports
  • Technology
  • Travel
  • Web Stories
  • More
    • Editor’s Picks
    • Press Release
Daily Guardian UAEDaily Guardian UAE
Home » AI chatbots with web browsing can be abused as malware relays
Technology

AI chatbots with web browsing can be abused as malware relays

By dailyguardian.aeFebruary 19, 20263 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email

AI chatbots with web browsing can be abused as malware relays, based on a Check Point Research demo. Instead of malware calling home to a traditional command server, it can use a chatbot’s URL fetching to pull instructions from a malicious page, then carry the response back to the infected machine.

In many environments, traffic to major AI destinations is already treated as routine, which can let command-and-control fade into normal web use. The same path can also be used to move data out.

Microsoft addressed the work in a statement and framed it as a post-compromise communications issue. It said that once a device is compromised, attackers will try to use whatever services are available, including AI-based ones, and it urged defense-in-depth controls to prevent infection and reduce what happens after.

The demo turns chat into a relay

The concept is straightforward. The malware prompts the AI web interface to load a URL, summarize what it finds, then scrapes the returned text for an embedded instruction.

Check Point said it tested the technique against Grok and Microsoft Copilot through their web interfaces. A key detail is access, the flow is designed to avoid developer APIs, and in the tested scenarios it can work without an API key, lowering friction for misuse.

For data theft, the mechanism can run in reverse. One method outlined is to place data in URL query parameters, then rely on the AI-triggered request to deliver it to adversary infrastructure. Basic encoding can further obscure what’s being sent, which makes simple content filtering less reliable.

Why it’s harder to spot

This isn’t a new malware class. It’s a familiar command-and-control pattern wrapped in a service many companies are actively enabling. If browsing-enabled AI services are left open by default, an infected system can try to hide behind domains that look low-risk.

Check Point also highlights how common the plumbing is. Its example uses WebView2 as an embedded browser component on modern Windows machines. In the described workflow, a program gathers basic host details, opens a hidden web view to an AI service, triggers a URL request, then parses the response to extract the next command. That can resemble ordinary app behavior, not an obvious beacon.

What security teams should do

Treat web-enabled chatbots like any other high-trust cloud app that can be abused after compromise. If it’s permitted, monitor for automation patterns, repeated URL loads, odd prompt cadence, or traffic volumes that don’t match human use.

AI browsing features may belong on managed devices and specific roles, not every machine. The open question is scale, this is a demo and it doesn’t quantify success rates against hardened fleets. What to watch next is whether providers add stronger automation detection in web chat, and whether defenders start treating AI destinations as potential post-compromise channels.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Keep Reading

The iPhone 18 Pro Max camera could open and close like a real lens for better portraits

Every app on my phone has decided I need AI, and none of them bothered to ask

New open-weight AI from China is toppling the best of OpenAI and Claude Fable

HP fined millions of dollars for acting like a cartel over ink and PCs

Shopping for Back-to-school? These are the gaming laptops I’d recommend

Last-minute Samsung leak spoils all of its next-gen foldable phones

I found five mechanical keyboards I’d happily recommend for Back-to-School

What Makes a Laser Printer Better for Small Business Workflows?

OpenAI patches ChatGPT desktop after user backlash over its recent redesign

Editors Picks

Every app on my phone has decided I need AI, and none of them bothered to ask

July 18, 2026

New open-weight AI from China is toppling the best of OpenAI and Claude Fable

July 18, 2026

HP fined millions of dollars for acting like a cartel over ink and PCs

July 18, 2026

Shopping for Back-to-school? These are the gaming laptops I’d recommend

July 18, 2026

Subscribe to News

Get the latest UAE news and updates directly to your inbox.

Latest Posts

Last-minute Samsung leak spoils all of its next-gen foldable phones

July 18, 2026

I found five mechanical keyboards I’d happily recommend for Back-to-School

July 18, 2026

What Makes a Laser Printer Better for Small Business Workflows?

July 18, 2026
Facebook X (Twitter) Pinterest TikTok Instagram
© 2026 Daily Guardian UAE. All Rights Reserved.
  • Privacy Policy
  • Terms
  • Advertise
  • Contact

Type above and press Enter to search. Press Esc to cancel.