Hackers use fake ChatGPT apps to push Windows, Android malware

Threat actors are exploiting the popularity of OpenAI’s ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting victims to phishing pages.

ChatGPT gained immense traction since its launch in November 2022, becoming the most rapidly growing consumer application in modern history with more than 100 million users by January 2023.

This massive popularity and rapid growth forced OpenAI to throttle the use of the tool and launch a $20/month paid tier (ChatGPT Plus) for individuals who want to use the chatbot with no availability restrictions.

The move created conditions for threat actors to take advantage of the tool’s popularity by promising uninterrupted and free-of-charge access to premium ChatGPT. The offers are false and the goal is to lure users into installing malware or to provide account credentials.

Security researcher Dominic Alvieri was among the first to notice one such example using the domain “chat-gpt-pc.online” to infect visitors with the Redline info-stealing malware under the guise of a download for a ChatGPT Windows desktop client.

That website was promoted by a Facebook page that used official ChatGPT logos to trick users into getting redirected to the malicious site.

Fake Facebook page (Cyble)

Alvieri also spotted fake ChatGPT apps being promoted on Google Play and third-party Android app stores, to push dubious software onto people’s devices.

Fake ChatGPT apps on the Play Store (Alvieri)

Researchers at Cyble have published a related report today where they present additional findings regarding the malware distribution campaign discovered by Alvieri, as well as other malicious operations exploiting ChatGPT’s popularity.

Cyble discovered “chatgpt-go.online” which distributes malware that steals clipboard contents and the Aurora stealer.

Furthermore, “chat-gpt-pc[.]online” delivered the Lumma stealer in Cyble’s tests. Another domain, “openai-pc-pro[.]online,” drops an unknown malware family.

In addition to the above, Cyble discovered a credit card stealing page at “pay.chatgptftw.com” that supposedly offers visitors a payment portal to purchase ChatGPT Plus.

Phishing site stealing credit card details (Cyble)

When it comes to fake apps, Cyble says it discovered over 50 malicious applications that use ChatGPT’s icon and a similar name, all of them being fake and attempting harmful activities on users’ devices.

Two examples highlighted in the report are ‘chatGPT1,’ which is an SMS billing fraud app, and ‘AI Photo,’ which contains the Spynote malware, which can steal call logs, contact lists, SMS, and files from the device.

Spynote malware stealing call data from the infected device (Cyble)

ChatGPT is exclusively an online-based tool available only at “chat.openai.com” and does not offer any mobile or desktop apps for any operating systems at the moment.

Any other apps or sites claiming to be ChatGPT are fakes attempting to scam or infect with malware. They should be considered at least suspicious, and users should avoid them.
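For defenders, the rule above (one legitimate host, everything else carrying the brand is suspect) can be turned into a triage check over DNS or proxy logs. The following is an added example, not code from Cyble, Alvieri or the original article; the brand tokens, the treatment of other openai.com hosts as vendor-owned, and the log format are assumptions, and the log lines are constructed.

```python
import re

# Assumption: the one legitimate host, as the article states it.
OFFICIAL_HOST = "chat.openai.com"
# Assumption: other hosts under the vendor's own domain are vendor-owned.
VENDOR_DOMAIN = "openai.com"
# Assumption: brand tokens picked for this example.
BRAND_TOKENS = ("chatgpt", "openai")

def refang(value: str) -> str:
    """Lower-case a hostname or URL, undo '[.]'/'hxxp' defanging, keep only the host."""
    v = value.strip().lower().replace("[.]", ".").replace("hxxp", "http")
    v = re.sub(r"^[a-z][a-z0-9+.-]*://", "", v)
    return v.split("/")[0].split(":")[0].rstrip(".")

def classify(value: str) -> str:
    host = refang(value)
    if host == OFFICIAL_HOST:
        return "official"
    # Suffix match on a label boundary, so 'openai.com.login.example' does not pass.
    if host == VENDOR_DOMAIN or host.endswith("." + VENDOR_DOMAIN):
        return "vendor"
    # Drop separators so 'chat-gpt-pc' still matches 'chatgpt'. Matching across
    # labels can over-flag; this is a triage heuristic, not a verdict.
    squashed = re.sub(r"[^a-z0-9]", "", host)
    if any(tok in squashed for tok in BRAND_TOKENS):
        return "lookalike"
    return "unrelated"

# Constructed DNS query log: timestamp, client IP, queried name (kept defanged).
SAMPLE_LOG = """\
2023-02-22T09:14:03Z 10.0.4.17 chat.openai.com
2023-02-22T09:15:41Z 10.0.4.17 chat-gpt-pc[.]online
2023-02-22T09:16:02Z 10.0.7.23 pay.chatgptftw.com
2023-02-22T09:16:30Z 10.0.7.23 example.org
2023-02-22T09:18:55Z 10.0.9.5 OpenAI-PC-Pro[.]online.
"""

def flag_lookalikes(log_text: str) -> list[tuple[str, str]]:
    """Return (client, host) for every query to a brand lookalike."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 3 and classify(parts[2]) == "lookalike":
            hits.append((parts[1], refang(parts[2])))
    return hits

if __name__ == "__main__":
    for client, host in flag_lookalikes(SAMPLE_LOG):
        print(f"{client} queried brand lookalike {host.replace('.', '[.]')}")
```

A hit only means the name borrows the brand; it still needs review before blocking.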
