Exploiting the popularity of ChatGPT – threat actors are found to be distributing phishing pages and malware to unsuspecting users.
Some noted by security researchers and firms point at different domains impersonating Open AI or ChatGPT – asking users to download them for free access to the chatbot. Unsuspecting users installing them may risk losing their sensitive data on the device, which may further lead to money theft too.
Distributing Fake ChatGPT Apps
ChatGPT, the conversational AI chatbot that stirred the entire technology industry in recent months, launched a premium subscription earlier this month. This is to limit the free users hopping on it with senseless questions and dedicate the tech to those who really need it.
While it’s a logical move to push the server costs onto users, this subscription space has also opened operational space for the hackers, who’re distributing malware and phishing pages for unsuspecting users online.
Posing as free ChatGPT apps (even though the service is only available on the web), hackers are disturbing fake apps and websites via Play Store and on the web. Some were noted by a security researcher Dominic Alvieri, who explained with an example of the domain “chat-gpt-pc[.]online” – which is being promoted on the web and via a Facebook page.
Chat GPT PC Online Redline redirect. I redirected it to closed. /chat-gpt-pc.online @OpenAI #cybersecurity #infosec pic.twitter.com/lXY5zUyMBj — Dominic Alvieri (@AlvieriD) February 12, 2023
