Beware of Fake AI Installers: Fraudulent Repositories Distribute Malware

A sophisticated malware campaign was discovered exploiting a unique vulnerability: AI-based search results directing users to fraudulent GitHub repositories containing infected versions of legitimate software. Attackers create GitHub repositories mimicking legitimate AI projects, optimize them to appear in AI search results like Bing Copilot, and trick users into downloading infected installers that appear legitimate but also install backdoors, stealers, keyloggers and clipboard hijackers. AI-based search systems carry a false sense of authority — users tend to trust "AI" recommendations more than traditional search results. Protect yourself by only installing software from official developer websites and verifying executables on VirusTotal before installing.