Islamabad(GNP): Leading cybersecurity firm Kaspersky has disclosed that between January and May 2026, its security solutions flagged over 92,000 instances of malware and potentially unwanted applications worldwide, all masquerading as well-known Artificial Intelligence agents and platforms. Threat actors capitalized on trusted brand names to trick users into downloading harmful files. Fake ChatGPT applications were the most widely used disguise, making up 49% of all flagged incidents, while counterfeit versions of Claude and Gemini each accounted for 18%.
Since the start of 2026, Kaspersky researchers have uncovered more than 15,000 malware samples posing as agentic AI software, including fraudulent versions of fast-rising tools like OpenClaw. The identified samples spanned a range of threat categories, including banking trojans, spyware, exploits, and malware loaders capable of pulling in additional malicious components.
In May 2026, Kaspersky’s Global Research and Analysis Team exposed a fresh campaign attributed to the Silver Fox advanced persistent threat (APT) group. The operation involved distributing fraudulent Claude AI installers targeting Windows, macOS, and Linux users who were simply looking to access AI tools. Once executed, these malicious installers quietly embedded malware on victims’ machines, granting attackers prolonged access to compromised systems and sensitive data.
Dmitry Galov, Head of Russia and CIS units at Kaspersky’s Global Research and Analysis Team, warned that the integration of AI agents into enterprise settings fundamentally reshapes how trust operates. Every automated action, he noted, becomes a link in a broader chain of system interactions and data exchanges — meaning security can no longer focus solely on endpoint protection. Instead, organizations must govern how intelligence, permissions, and decision-making flow across interconnected AI-driven environments. He further cautioned that cybercriminals are actively exploiting the popularity of AI platforms as bait to steal user credentials, sensitive information, and funds, making robust security solutions an indispensable part of everyday digital life.
On the organizational side, Kaspersky recommends deploying comprehensive protection platforms such as the Kaspersky Next product line, which offers real-time threat detection, full visibility, investigative tools, and advanced incident response capabilities.
Companies lacking dedicated cybersecurity personnel may benefit from managed services such as Kaspersky Managed Detection and Response (MDR) or Incident Response, both of which cover the full spectrum of incident handling, from early threat identification through to remediation and ongoing protection.
Also Read: Government Strengthens Minority Rights Safeguards
Organizations are also encouraged to arm their security teams with deep threat intelligence; Kaspersky’s latest Threat Intelligence platform provides rich, context-aware insights across the entire incident lifecycle, supporting faster and more accurate identification of emerging cyber risks.
For individual users, Kaspersky advises limiting AI tool usage to platforms offered by established companies with proven privacy and security standards. Anonymous or obscure bots should be avoided, as these may be engineered specifically to harvest personal data.
Installing a trusted security solution such as Kaspersky Premium can help block access to phishing pages and prevent unauthorized malware installation.
