Hackers use fake ChatGPT apps to push Windows, Android malware


Threat actors are exploiting the popularity of OpenAI’s ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting victims to phishing pages.

ChatGPT has gained immense traction since its launch in November 2022, becoming probably the fastest-growing consumer application in modern history, with more than 100 million users by January 2023.

This massive popularity and rapid growth forced OpenAI to throttle use of the tool and launch a $20/month paid tier (ChatGPT Plus) for people who want to use the chatbot with no availability restrictions.

The move created conditions for threat actors to take advantage of the tool’s popularity by promising uninterrupted and free-of-charge access to premium ChatGPT. The offers are false, and the goal is to lure users into installing malware or handing over account credentials.

Security researcher Dominic Alvieri was among the first to notice one such example, which used the domain “chat-gpt-pc.on-line” to infect visitors with the Redline info-stealing malware under the guise of a download for a ChatGPT Windows desktop client.


That website was promoted by a Facebook page that used official ChatGPT logos to trick users into getting redirected to the malicious site.

Fake Facebook page (Cyble)

Alvieri also noticed fake ChatGPT apps being promoted on Google Play and third-party Android app stores to push dubious software onto people’s devices.

Fake ChatGPT apps on the Play Store (Alvieri)

Researchers at Cyble have published a related report today in which they present additional findings regarding the malware distribution campaign discovered by Alvieri, as well as other malicious operations exploiting ChatGPT’s popularity.

Cyble discovered “chatgpt-go.on-line”, which distributes malware that steals clipboard contents and the Aurora stealer.

Additionally, “chat-gpt-pc[.]on-line” delivered the Lumma stealer in Cyble’s tests. Another domain, “openai-pc-pro[.]on-line,” drops an unknown malware family.

In addition to the above, Cyble discovered a credit card stealing page at “pay.chatgptftw.com” that supposedly offers visitors a payment portal to purchase ChatGPT Plus.

Phishing site stealing credit card details (Cyble)

When it comes to fake apps, Cyble says it discovered over 50 malicious applications that use ChatGPT’s icon and a similar name, all of them fake and attempting harmful activities on users’ devices.

Two examples highlighted in the report are ‘chatGPT1,’ which is an SMS billing fraud app, and ‘AI Photo,’ which contains the Spynote malware, which can steal call logs, contact lists, SMS, and files from the device.

Spynote malware stealing call data from the infected device (Cyble)

ChatGPT is exclusively an online-based tool available only at “chat.openai.com” and does not offer any mobile or desktop apps for any operating systems at the moment.

Any other apps or sites claiming to be ChatGPT are fakes attempting to scam users or infect them with malware. They should be considered at the very least suspicious, and users should avoid them.
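For defenders, the rule above can be turned into a proxy or DNS log triage check. The following is an added example, not code from Cyble or the original article; the log format, timestamps, client addresses, the host `chat.openai.com.login.example` and all function names are constructed assumptions, while the other sample hosts are the ones named in the article.

```python
import re

# The only host the article names as legitimate at the time of writing.
# Extend this set with other hosts you have verified yourself.
OFFICIAL_HOSTS = {"chat.openai.com"}
# Brand strings searched for once separators are removed (assumption).
BRAND_TOKENS = ("chatgpt", "openai")

def refang(host):
    """Undo common defanging ('[.]', '(.)'), trim a trailing dot, lowercase."""
    return host.replace("[.]", ".").replace("(.)", ".").strip().strip(".").lower()

def brand_lookalike(host):
    """True if the host carries a brand token but is not an official host."""
    host = refang(host)
    if host in OFFICIAL_HOSTS:  # exact match, so 'chat.openai.com.x.y' fails
        return False
    squashed = re.sub(r"[^a-z0-9]", "", host)  # 'chat-gpt-pc' -> 'chatgptpc'
    return any(token in squashed for token in BRAND_TOKENS)

def triage(log_text):
    """Return (client, host) pairs worth reviewing from '<ts> <client> <host>' lines."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        _, client, host = parts
        if brand_lookalike(host):
            hits.append((client, refang(host)))
    return hits

# Constructed sample log for illustration only.
SAMPLE_LOG = """\
2023-02-22T09:14:02Z 10.0.0.12 chat.openai.com
2023-02-22T09:15:40Z 10.0.0.31 chat-gpt-pc[.]on-line
2023-02-22T09:16:05Z 10.0.0.31 pay.chatgptftw.com
2023-02-22T09:17:11Z 10.0.0.44 chat.openai.com.login.example
2023-02-22T09:18:30Z 10.0.0.12 www.example.org
"""

if __name__ == "__main__":
    for client, host in triage(SAMPLE_LOG):
        print(f"review: {client} contacted {host}")
```

A hit means the host deserves review, in line with the article's "at the very least suspicious"; it is not proof of malware.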
