A group of researchers have recently discovered an active malware operation that takes advantage of the rising popularity of the OpenAI chatbot ChatGPT.
The report, published by security company Kaspersky, has now claimed that hackers are disseminating the malware through Facebook groups by promoting a phony desktop version of ChatGPT.
“An excellent illustration of how attackers are using social engineering techniques to take advantage of customers’ faith in well-known products and services is this campaign against ChatGPT. Users must realise that just because a service looks to be legitimate, that does not guarantee that it is “said Darya Ivanova, a Kaspersky security specialist.
Users are also infected with the Fobo Malware, which steals sensitive information like Facebook, TikTok, and Google account credentials and private and business financial data, in addition to the bot.
According to the investigation, people who click on the post’s link are taken to a beautifully created website that resembles the ChatGPT website almost precisely.
The website then invites viewers to download what appears to be a Windows version of ChatGPT but is an archive with an executable file. An error message appears when the programme can’t be installed and the installation procedure terminates abruptly.
Due to the chatbot’s high demand and rapid growth, a USD 20/30 days membership tier called ‘ChatGPT Plus’ was made available for those who want to utilize it without availability restrictions.
As a result of the move, threat actors were able to profit from the tool’s popularity by providing constant, free access to premium ChatGPT. The opportunities to deceive users into installing malware or divulging their login details are reportedly numerous, as of now.
According to the research, a new stealer Trojan called Trojan-PSW.Win64.Fobo is getting installed on the users’ machines as the programme is installed without their knowledge.
This Trojan’s primary goal is to steal saved account information from popular browsers, including Chrome, Edge, Firefox, and Brave, while attempting to gather additional information like the amount of advertising money and the current balance of the business accounts, as part of the assault, in addition to stealing login credentials.
The report has also said that the bogus “desktop client” for ChatGPT has targeted users in Africa, Asia, Europe, and America.
Third-party app shops, which are less secure than Google Play or the Microsoft Store, are where these phony ChatGPT programs were disseminated. Tens of thousands of consumers worldwide have downloaded bogus AI apps, the report said further.
Experts are now advising users to download programs only from official app stores, apart from using heightened caution, when doing so. Additional security tips also include setting up antivirus software and maintaining devices.