Misled by Mirage: Learn to Distinguish Real GPT Tools

Many people use ChatGPT for various legitimate uses, including answering questions, generating content, explaining complex concepts, and writing code. However, the limitations of the free version of the chatbot, like delayed responses, can be frustrating.

MUO VIDEO OF THE DAY

SCROLL TO CONTINUE WITH CONTENT

Malicious actors often exploit these limitations by encouraging users to download a supposedly premium version of ChatGPT for free. The fake chatbot may contain malware that can be used for cyberattacks, like data theft.

Here’s a list of malicious ChatGPT-themed domains and apps that you need to be aware of.

Disclaimer: This post includes affiliate links

If you click on a link and make a purchase, I may receive a commission at no extra cost to you.

1. chat-gpt-pc.online

Security researchers at Cyble Research and Intelligence Labs (CRIL) uncovered cybercriminals using the domain “chat-gpt-pc.online” to attract unsuspecting users into downloading a supposed ChatGPT Windows desktop client. This client, however, contained the RedLine info-stealing malware .

The cybercriminals used a Facebook page impersonating OpenAI, complete with official ChatGPT logos, to redirect unsuspecting users to the malicious site.

2. openai-pc-pro.online

The experts at CRIL also discovered an unidentified malware strain being distributed through the domain “openai-pc-pro.online,” a malicious domain posing as the official ChatGPT website.

The domain is promoted by “Chat GPT AI,” a popular ChatGPT-themed Facebook page, a page that frequently posts about ChatGPT and OpenAI’s Jukebox . The posts often contain links to malicious domains, including openai-pc-pro.online.

The suspicious domain directs users to a fake OpenAI website resembling the official one. The site features a “DOWNLOAD FOR WINDOWS” button, which, when clicked, downloads an executable file containing data-stealing malware.

3. chat-gpt-pc.online

ChatGPT AI, the fake ChatGPT Facebook page, also features posts that include links to “chat-gpt-pc.online,” another domain that redirects users to a malicious ChatGPT-themed website.

4. chatgpt-go.online

The domain “chatgpt-go.online” leads users to a website that’s a clone of the official ChatGPT website. The copy-pasted site, however, swaps the “TRY CHATGPT” button link with malicious links containing Lumma Stealer. The domain also hosts different kinds of malicious files, including clipper malware and Aurora stealer.

5. pay.chatgptftw.com

Cybercriminals also use ChatGPT-themed payment pages for financial fraud. For example, on the domain “pay.chatgptftw.com,” Cyble came across a page designed to steal credit card details. This webpage poses as a genuine payment page for ChatGPT Plus.

6. ChatGPT1

The Cyble report highlights another malware app that uses the ChatGPT icon. The malicious app, “ChatGPT1,” is an SMS billing fraud app downloaded as chatGPT1.apk. It operates discreetly, subscribing users to premium services without their consent.

7. AI Photo

“AI Photo” is another app that uses the ChatGPT icon, but is malicious in intent. This app was found to harbor the SpyNote malware, capable of stealing device files, contact lists, call logs, and text messages.

8. Meterpreter Posing as “SuperGPT” App

SuperGPT is an AI assistant app built on ChatGPT. However, researchers from Unit 42 uncovered a malicious APK sample posing as the app. This fake “SuperGPT” is a Meterpreter Trojan, a RAT that enables remote access of Android devices.

9. Trojan-PSW.Win64.Fobo

Kaspersky researchers discovered that cybercriminals were using a fake ChatGPT desktop client for Windows to distribute a stealer Trojan. The Trojan, dubbed Trojan-PSW.Win64.Fobo, if installed on the user’s computer, can steal account details stored in various browsers, including Chrome, Edge, Firefox, and Brave.

The Trojan targets Facebook, TikTok, and Google accounts, stealing logins and financial info, like ad spending and current balance. To achieve this, the perpetrators create social media groups resembling official OpenAI accounts or enthusiast communities, where they post download links for a purported ChatGPT desktop client.

If you click the link, you’ll be redirected to a website that prompts you to download ChatGPT for Windows. Clicking on the button will download an archive containing an executable file.

Upon extracting the archive and running the file, you may or may not receive an installation failure message. In either case, the Trojan is installed.

Protect Yourself From Malicious ChatGPT-Themed Apps

Malicious actors are using ChatGPT-themed mobile apps and desktop clients to spread malware on computing devices. These apps often pose as free versions of premium ChatGPT and are commonly promoted through social media and email campaigns.

Some malicious apps and domains include chatGPT1, AI photo, openai-pc-pro.online, and pay.chatgptftw.com. To protect against potential malware infections from such sources, be cautious when downloading third-party apps, keep your device updated, and consider using reputable antimalware software.

SCROLL TO CONTINUE WITH CONTENT

Malicious actors often exploit these limitations by encouraging users to download a supposedly premium version of ChatGPT for free. The fake chatbot may contain malware that can be used for cyberattacks, like data theft.

Here’s a list of malicious ChatGPT-themed domains and apps that you need to be aware of.

Also read: