Cybersecurity researchers warn that AI assistants with web access could play a new role in malware campaigns. Instead of connecting directly to a command-and-control server, attackers can use AI platforms as an intermediary for communication, making malicious traffic less likely to be detected.
Research by security company Check Point shows that AI assistants such as Grok and Microsoft Copilot can be misused to transport commands and data between an infected system and an attacker’s infrastructure. The core of the problem is that these AI services can retrieve and summarize web pages, a function that is normally legitimate but can also be repurposed for abuse.
In the proof of concept developed by the researchers, malware does not communicate…