Safeguard Data: Identify Authentic Vs. Duplicitous ChatBots
Safeguard Data: Identify Authentic Vs. Duplicitous ChatBots
Many people use ChatGPT for various legitimate uses, including answering questions, generating content, explaining complex concepts, and writing code. However, the limitations of the free version of the chatbot, like delayed responses, can be frustrating.
MUO VIDEO OF THE DAY
SCROLL TO CONTINUE WITH CONTENT
Malicious actors often exploit these limitations by encouraging users to download a supposedly premium version of ChatGPT for free. The fake chatbot may contain malware that can be used for cyberattacks, like data theft.
Here’s a list of malicious ChatGPT-themed domains and apps that you need to be aware of.
Disclaimer: This post includes affiliate links
If you click on a link and make a purchase, I may receive a commission at no extra cost to you.
1. chat-gpt-pc.online
Security researchers at Cyble Research and Intelligence Labs (CRIL) uncovered cybercriminals using the domain “chat-gpt-pc.online” to attract unsuspecting users into downloading a supposed ChatGPT Windows desktop client. This client, however, contained the RedLine info-stealing malware .
The cybercriminals used a Facebook page impersonating OpenAI, complete with official ChatGPT logos, to redirect unsuspecting users to the malicious site.
2. openai-pc-pro.online
The experts at CRIL also discovered an unidentified malware strain being distributed through the domain “openai-pc-pro.online,” a malicious domain posing as the official ChatGPT website.
The domain is promoted by “Chat GPT AI,” a popular ChatGPT-themed Facebook page, a page that frequently posts about ChatGPT and OpenAI’s Jukebox . The posts often contain links to malicious domains, including openai-pc-pro.online.
The suspicious domain directs users to a fake OpenAI website resembling the official one. The site features a “DOWNLOAD FOR WINDOWS” button, which, when clicked, downloads an executable file containing data-stealing malware.
3. chat-gpt-pc.online
ChatGPT AI, the fake ChatGPT Facebook page, also features posts that include links to “chat-gpt-pc.online,” another domain that redirects users to a malicious ChatGPT-themed website.
4. chatgpt-go.online
The domain “chatgpt-go.online” leads users to a website that’s a clone of the official ChatGPT website. The copy-pasted site, however, swaps the “TRY CHATGPT” button link with malicious links containing Lumma Stealer. The domain also hosts different kinds of malicious files, including clipper malware and Aurora stealer.
5. pay.chatgptftw.com
Cybercriminals also use ChatGPT-themed payment pages for financial fraud. For example, on the domain “pay.chatgptftw.com,” Cyble came across a page designed to steal credit card details. This webpage poses as a genuine payment page for ChatGPT Plus.
6. ChatGPT1
The Cyble report highlights another malware app that uses the ChatGPT icon. The malicious app, “ChatGPT1,” is an SMS billing fraud app downloaded as chatGPT1.apk. It operates discreetly, subscribing users to premium services without their consent.
7. AI Photo
“AI Photo” is another app that uses the ChatGPT icon, but is malicious in intent. This app was found to harbor the SpyNote malware, capable of stealing device files, contact lists, call logs, and text messages.
8. Meterpreter Posing as “SuperGPT” App
SuperGPT is an AI assistant app built on ChatGPT. However, researchers from Unit 42 uncovered a malicious APK sample posing as the app. This fake “SuperGPT” is a Meterpreter Trojan, a RAT that enables remote access of Android devices.
9. Trojan-PSW.Win64.Fobo
Kaspersky researchers discovered that cybercriminals were using a fake ChatGPT desktop client for Windows to distribute a stealer Trojan. The Trojan, dubbed Trojan-PSW.Win64.Fobo, if installed on the user’s computer, can steal account details stored in various browsers, including Chrome, Edge, Firefox, and Brave.
The Trojan targets Facebook, TikTok, and Google accounts, stealing logins and financial info, like ad spending and current balance. To achieve this, the perpetrators create social media groups resembling official OpenAI accounts or enthusiast communities, where they post download links for a purported ChatGPT desktop client.
If you click the link, you’ll be redirected to a website that prompts you to download ChatGPT for Windows. Clicking on the button will download an archive containing an executable file.
Upon extracting the archive and running the file, you may or may not receive an installation failure message. In either case, the Trojan is installed.
Protect Yourself From Malicious ChatGPT-Themed Apps
Malicious actors are using ChatGPT-themed mobile apps and desktop clients to spread malware on computing devices. These apps often pose as free versions of premium ChatGPT and are commonly promoted through social media and email campaigns.
Some malicious apps and domains include chatGPT1, AI photo, openai-pc-pro.online, and pay.chatgptftw.com. To protect against potential malware infections from such sources, be cautious when downloading third-party apps, keep your device updated, and consider using reputable antimalware software.
SCROLL TO CONTINUE WITH CONTENT
Malicious actors often exploit these limitations by encouraging users to download a supposedly premium version of ChatGPT for free. The fake chatbot may contain malware that can be used for cyberattacks, like data theft.
Here’s a list of malicious ChatGPT-themed domains and apps that you need to be aware of.
Also read:
- [New] IPhone's Best Camera Combo Utilities
- Alexa Showdown: Deciding Between Echo Pop and Echo Dot - A Comprehensive Guide for Your Perfect Smart Speaker [ZDNet]
- Avoid Getting Banned: Handling the Persistent Dota 2 Valve Anti-Cheat Concerns
- Beyond Simulation: Comparing Metaverse and Virtual Reality's 6 Traits
- Break The Silence: Speak To ChatGPT
- ChatGPT Faux Pas: How to Sidestep These Blunders
- Exploring the Depths of Star Wars: Squadrons – A Riveting Interstellar Experience Unveiled
- How to convert AVCHD MTS to MP4 for Xiaomi Redmi K70?
- In 2024, Hassle-Free Ways to Remove FRP Lock from Oppo Reno 10 5G Phones with/without a PC
- In 2024, Premium Portfolio Cutting-Edge Cardboard VR Game Listings
- Personalized Nutrition with ChatGPT Help
- Simplify Your Inbox Chaos with This One Simple Email Hack – No Rule Juggling Needed! | TechWise
- Step Into the Future: Mastering AI with Free DALL-E 3 & Bing
- Transformando O Manuseio Do Seu Disco Rápido: Dicas Para Gerar Uma Imagem Perfeita Com Windows 11 – Métodos Livres
- Title: Safeguard Data: Identify Authentic Vs. Duplicitous ChatBots
- Author: Brian
- Created at : 2024-10-31 18:15:17
- Updated at : 2024-11-01 16:22:57
- Link: https://tech-savvy.techidaily.com/safeguard-data-identify-authentic-vs-duplicitous-chatbots/
- License: This work is licensed under CC BY-NC-SA 4.0.