From January to May 2026, Kaspersky has detected more than 92,000 malware attacks that was disguised as AI agents and AI services.
Malicious actors have exploited trusted brands to lure victims into downloading malicious files. They used fake ChatGPT applications, which accounts for almost half (49%) of all detected attacks. Meanwhile, Claude and Gemini each represented 18% of the attacks
Since the beginning of the year, Kaspersky researchers have identified more than 15,000 samples of malware masquerading as agentic AI software, including fake versions of rapidly growing tools such as OpenClaw. Among these samples were banking trojans, spyware, exploits, and malware downloaders capable of deploying additional malicious payloads.
In May 2026, Kaspersky Global Research and Analysis Team (GReAT) also uncovered a new campaign linked to the Silver Fox advanced persistent threat (APT) group. In this operation, attackers distributed fake Claude AI applications for Windows, macOS, and Linux, targeting users seeking access to AI tools. Once launched, the malicious installers silently deployed malware onto victims’ devices, enabling long-term access to compromised systems and sensitive information.
“The introduction of AI agents into enterprise environments changes the nature of trust itself. Every automated action becomes part of a wider chain of systems and data exchanges, which means security is no longer just about protecting endpoints – it is about controlling how intelligence, permissions, and decisions propagate across interconnected AI-driven processes. Users should also keep in mind that attackers are actively leveraging popular AI services as a lure to steal victims’ confidential data and funds. Taking into account the evolution of modern threat landscape, reliable security solutions are becoming an essential part of digital life.”
Dmitry Galov, Head of Russia and CIS units at Kaspersky GReAT
To protect against evolving threats, Kaspersky recommends organizations:
- Protect corporate infrastructure against a wide range of threats. Use solutions from the Kaspersky Next product line that provide real-time protection, threat visibility, investigation and advanced response capabilities. If a company lacks cybersecurity workers, it can adopt managed security services such as Kaspersky Managed Detection and Response (MDR) and / or Incident Response that covers the entire incident management cycle – from threat identification to continuous protection and remediation.
- Equip your cybersecurity team with in-depth visibility into cyber threats targeting your organization. The latest Kaspersky Threat Intelligence delivers rich, contextual insights throughout the entire incident management cycle, enabling timely identification of cyber risks. AI-powered open-source intelligence search enhances your team’s ability to uncover and respond to emerging threats with greater precision.
Kaspersky also recommends that users:
- Stick to AI services from reputable companies with strong privacy and security track records. Avoid using anonymous or unknown bots that could be designed to harvest data. Malicious or fake AI bots may attempt to extract personal information to commit fraud, phishing, or blackmail.
- To protect your data, use a security solution to prevent visits to phishing sites and stop malware installation.
