Global cybersecurity company Kaspersky has uncovered a surge in cyber threats leveraging the popularity of artificial intelligence, revealing that more than 92,000 malware and potentially unwanted application attacks were detected worldwide between January and early May 2026. These threats were disguised as widely used AI agents and services, highlighting a growing trend of attackers exploiting trusted technology brands to deceive users.
According to Kaspersky, fake ChatGPT applications accounted for nearly half (49%) of all detected attacks, while fraudulent versions of Claude and Gemini each represented 18%. Cybercriminals are increasingly capitalizing on the rapid adoption of AI tools, luring users into downloading malicious software under the guise of legitimate applications.
The company’s researchers identified over 15,000 unique malware samples impersonating agentic AI platforms, including emerging tools such as OpenClaw. These samples ranged from banking trojans and spyware to exploits and malware downloaders capable of installing additional malicious payloads on compromised systems.
“The introduction of AI agents into enterprise environments changes the nature of trust itself. Every automated action becomes part of a wider chain of systems and data exchanges,” said Dmitry Galov, Head of Russia and CIS Units at Kaspersky Global Research and Analysis Team.
In a significant development, Kaspersky’s Global Research and Analysis Team (GReAT) uncovered a new campaign in May 2026 linked to the Silver Fox advanced persistent threat (APT) group. In this operation, attackers distributed fake Claude AI applications compatible with Windows, macOS, and Linux systems. Once installed, these malicious programs enabled persistent access to infected devices, allowing cybercriminals to harvest sensitive data and maintain long-term control over compromised environments.
Kaspersky warns that the rise of AI-driven ecosystems is reshaping cybersecurity challenges. As AI agents become integrated into enterprise workflows, they introduce new layers of complexity around trust, permissions, and automated decision-making. This shift requires organizations to rethink their approach to security beyond traditional endpoint protection.
To mitigate risks, Kaspersky recommends adopting advanced cybersecurity solutions that offer real-time protection, threat visibility, and incident response capabilities. Its Kaspersky Next product line and managed services, such as Managed Detection and Response (MDR), are designed to help organizations identify, investigate, and neutralize evolving threats.
For individual users, the company advises relying only on reputable AI services, avoiding unknown or unverified tools, and using security software to prevent phishing attacks and malware infections.
The findings underscore the urgent need for vigilance as AI adoption accelerates, making cybersecurity a critical component of both enterprise operations and everyday digital life.
