China Warns Of Malicious AI Agent Extensions | Silicon UK Tech

China’s main cyber-security centre has warned users of malicious AI agent “skills”, or extensions, that aim to install and run crypto-mining software on users’ systems, as experts warn that attackers are exploiting interest in new AI technologies to deploy phishing campaigns.

The National Computer Network Emergency Response Coordination Centre (CNCERT) said malicious providers are offering AI capability extensions, also known as skills, that aim to trick AI agents into downloading, installing and running resource-intensive crypto-mining tools on a user’s local system.

Fraudsters are also in some cases tricking users into running mining software themselves to generate “privacy-focused” tokens, CNCERT said on WeChat.

Third-party skills packages are also being offered that bypass model guard rails to generate prohibited content or crypto-mining functions, both of which are illegal in mainland China and could lead to legal consequences for those who voluntarily deploy them, CNCERT warned.

Users could also have accounts suspended or have their data hacked by such tools, in addition to potentially large utility bills and reduced device performance, the watchdog said.