Hackers Fake ChatGPT App to Spread Windows, and Android Malware
Since OpenAI launched the ChatGPT chatbot to the public in November of last year, this AI tool has quickly attracted billions of users due to its ability to answer most user questions, increase productivity, and provide both entertainment and practicality, making it a popular topic.
However, at the same time, criminals have found ways to take advantage of it. The Cyble Research and Intelligence Labs (CRIL) recently discovered several cases of malware being spread through ChatGPT, along with other cyber attacks.
Unofficial ChatGPT Social Media Page
CRIL detected several phishing websites promoting various types of malware through fraudulent advertising. In addition, some phishing websites are impersonating ChatGPT to steal credit card information. Meanwhile, various Android malware families are mimicking the icon & name of ChatGPT to mislead unsuspecting users, making them believe it is a genuine and reliable application, thereby infecting victims’ devices and conducting various malicious activities.
CRIL thoroughly investigated various similar domain names related to OpenAI and ChatGPT and found that they are being used for phishing attacks. In CRIL’s investigation, they found that these phishing websites are spreading several notorious malware families, including Lumma Stealer, Aurora Stealer, and clipper malware, among others.
Fake OpenAI and ChatGPT Website
Another Fake OpenAI and ChatGPT Website
In addition to fake websites, CRIL also stated that it has found more than 50 false and malicious applications using similar ChatGPT icons and names for harmful activities. These applications include adware, spyware, SMS fraud, and other types of malware.
One example mentioned in the report is “chatGPT1”, a text message billing fraud application, while another is “AI Photo”, which contains Spynote malware that can steal call logs, contact lists, messages, and files from infected devices.
Malware stealing call log data from an infected device
Users need to be aware that ChatGPT is an online tool that only provides services on its official website at https://chat.openai.com/. The official website has not provided any related applications. Therefore, users should be cautious when dealing with any applications or websites claiming to provide ChatGPT services and carefully discern whether they are harmful.
