ADVERTISEMENT

AI chatbots Grok and Copilot could be abused as hidden channels for malware, researchers warn

AI assistants, including Grok and Microsoft Copilot, could be manipulated by attackers to secretly pass instructions to malware, highlighting how everyday AI tools may become part of future cyberattacks.

grok and copilot could be abused as hidden channels for malware

Image by Cybernews

Ann-Marie Corvin
Ann-Marie Corvin Senior Journalist
Feb 18, 2026 Updated: 19 February 2026 3 min read
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.

What Check Point Research discovered

How “AI as Proxy” works

malicious website instructs ai coding tools to run malware
CPR's research shows how chatbots that allow web browsing and URL fetching without API key can be manipulated by attackers.
ADVERTISEMENT
An attacker might ask the AI whether the system is worth further exploration, which tools to deploy next, or how aggressively to move laterally without raising suspicion.”
Check Point Research

A gradual shift towards AI-driven malware?

"The findings point to a near-term evolution in malware development, where implants shift from static logic to prompt-driven, adaptive behavior that can autonomously plan operations, prioritize targets and data, and amidst tactics in real time based on environmental feedback.”
Check Point Research

ADVERTISEMENT