Fake ChatGPT apps are being used to push malware

Users warned to only access ChatGPT via the official website and platforms using the API

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

It was only a matter of time before hackers started leveraging the immense popularity ofChatGPTto pushmalwareand steal sensitive personal data - and several security companies have now spotted this happening.

For the uninitiated,OpenAI’s ChatGPT is an AI-poweredchatbotwhose popularity has skyrocketed in recent months.

The novelty of its output, plusMicrosoft’s eagerness to invest in the technology, made it the most sought-after technology online, hitting more than 100 million users in just two months (November 2022 to January 2023), according toBleepingComputer.

Infostealers galore

The demand, inevitably, led to the service’s monetization. Those who want uninterrupted access to the platform can get it for $20 a month.

Per BleepingComputer, cybersecurity pros have found different hacker campaigns promising free access. These are, obviously, cases of “if it sounds too good to be true, it probably is,” and you should be wary of them.

In one such example, threat actors were pushing Redline, a known infostealer capable of grabbingpasswordsand credit card data stored inweb browsers, taking screenshots, exfiltrating files, and more.

To deliver the malware, they created a fake website promoting uninterrupted access to ChatGPT, and even created a Facebook page to promote the website. Other hackers tried to distribute the Aurora stealer.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

ChatGPT already feared to be behind multiple cyberattacks>Hackers could exploit ChatGPT to attack networks>Check out the best firewalls right now

There are also fake ChatGPT apps being distributed viaGoogle Playand other third-party Android app stores. It goes without saying that users wouldn’t be getting access to the chatbot, only unknown forms of malware. So far, there are dozens of such apps: researchers from Cyble found more than 50.

For the avoidance of doubt, the only way to access ChatGPT is via theofficial website- https://chat.openai.com/ - and OpenAI’s APIs. All other “alternatives” aren’t credible, and could impact yoursmartphone’s securityand yourprivacy.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time