The Dichotomy of AI: Mass Engagement Vs. Precious Data
Innocuous Names, Hidden Dangers: A Guide to Authentic ChatBots
Many people use ChatGPT for various legitimate uses, including answering questions, generating content, explaining complex concepts, and writing code. However, the limitations of the free version of the chatbot, like delayed responses, can be frustrating.
MUO VIDEO OF THE DAY
SCROLL TO CONTINUE WITH CONTENT
Malicious actors often exploit these limitations by encouraging users to download a supposedly premium version of ChatGPT for free. The fake chatbot may contain malware that can be used for cyberattacks, like data theft.
Here’s a list of malicious ChatGPT-themed domains and apps that you need to be aware of.
Disclaimer: This post includes affiliate links
If you click on a link and make a purchase, I may receive a commission at no extra cost to you.
1. chat-gpt-pc.online
Security researchers at Cyble Research and Intelligence Labs (CRIL) uncovered cybercriminals using the domain “chat-gpt-pc.online” to attract unsuspecting users into downloading a supposed ChatGPT Windows desktop client. This client, however, contained the RedLine info-stealing malware .
The cybercriminals used a Facebook page impersonating OpenAI, complete with official ChatGPT logos, to redirect unsuspecting users to the malicious site.
2. openai-pc-pro.online
The experts at CRIL also discovered an unidentified malware strain being distributed through the domain “openai-pc-pro.online,” a malicious domain posing as the official ChatGPT website.
The domain is promoted by “Chat GPT AI,” a popular ChatGPT-themed Facebook page, a page that frequently posts about ChatGPT and OpenAI’s Jukebox . The posts often contain links to malicious domains, including openai-pc-pro.online.
The suspicious domain directs users to a fake OpenAI website resembling the official one. The site features a “DOWNLOAD FOR WINDOWS” button, which, when clicked, downloads an executable file containing data-stealing malware.
3. chat-gpt-pc.online
ChatGPT AI, the fake ChatGPT Facebook page, also features posts that include links to “chat-gpt-pc.online,” another domain that redirects users to a malicious ChatGPT-themed website.
4. chatgpt-go.online
The domain “chatgpt-go.online” leads users to a website that’s a clone of the official ChatGPT website. The copy-pasted site, however, swaps the “TRY CHATGPT” button link with malicious links containing Lumma Stealer. The domain also hosts different kinds of malicious files, including clipper malware and Aurora stealer.
5. pay.chatgptftw.com
Cybercriminals also use ChatGPT-themed payment pages for financial fraud. For example, on the domain “pay.chatgptftw.com,” Cyble came across a page designed to steal credit card details. This webpage poses as a genuine payment page for ChatGPT Plus.
6. ChatGPT1
The Cyble report highlights another malware app that uses the ChatGPT icon. The malicious app, “ChatGPT1,” is an SMS billing fraud app downloaded as chatGPT1.apk. It operates discreetly, subscribing users to premium services without their consent.
7. AI Photo
“AI Photo” is another app that uses the ChatGPT icon, but is malicious in intent. This app was found to harbor the SpyNote malware, capable of stealing device files, contact lists, call logs, and text messages.
8. Meterpreter Posing as “SuperGPT” App
SuperGPT is an AI assistant app built on ChatGPT. However, researchers from Unit 42 uncovered a malicious APK sample posing as the app. This fake “SuperGPT” is a Meterpreter Trojan, a RAT that enables remote access of Android devices.
9. Trojan-PSW.Win64.Fobo
Kaspersky researchers discovered that cybercriminals were using a fake ChatGPT desktop client for Windows to distribute a stealer Trojan. The Trojan, dubbed Trojan-PSW.Win64.Fobo, if installed on the user’s computer, can steal account details stored in various browsers, including Chrome, Edge, Firefox, and Brave.
The Trojan targets Facebook, TikTok, and Google accounts, stealing logins and financial info, like ad spending and current balance. To achieve this, the perpetrators create social media groups resembling official OpenAI accounts or enthusiast communities, where they post download links for a purported ChatGPT desktop client.
If you click the link, you’ll be redirected to a website that prompts you to download ChatGPT for Windows. Clicking on the button will download an archive containing an executable file.
Upon extracting the archive and running the file, you may or may not receive an installation failure message. In either case, the Trojan is installed.
Protect Yourself From Malicious ChatGPT-Themed Apps
Malicious actors are using ChatGPT-themed mobile apps and desktop clients to spread malware on computing devices. These apps often pose as free versions of premium ChatGPT and are commonly promoted through social media and email campaigns.
Some malicious apps and domains include chatGPT1, AI photo, openai-pc-pro.online, and pay.chatgptftw.com. To protect against potential malware infections from such sources, be cautious when downloading third-party apps, keep your device updated, and consider using reputable antimalware software.
SCROLL TO CONTINUE WITH CONTENT
Malicious actors often exploit these limitations by encouraging users to download a supposedly premium version of ChatGPT for free. The fake chatbot may contain malware that can be used for cyberattacks, like data theft.
Here’s a list of malicious ChatGPT-themed domains and apps that you need to be aware of.
Also read:
- [New] In 2024, Pro's Secret Insights Into Windows 11
- [Updated] In 2024, Making Marks Trendsetting on Social Media Platforms
- Addressing the Red Screen of Death in Windows 11 Systems
- Command Your Car to Evolve with Help From ChatGPT
- Expert Tips to Zoom In on Your Favorite Roblox Locales for 2024
- Guide Downloading Twitters Videos on Android Devices for 2024
- How Do Chatbots Simulate Conversations With People?
- HPE Vs. Inspur: Legal Battle Over Patents Intensifies Amidst Allegations of Unsanctioned U.S. Business Undertakings by Chinese Company
- In 2024, How to Remove Forgotten PIN Of Your Oppo A1x 5G
- In 2024, Mastering the Art of Locating Concealed YouTube Media
- Pokemon Go Error 12 Failed to Detect Location On Xiaomi 14? | Dr.fone
- Responsible Use of Personalization in Machine Learning Tools
- Step-by-Step Instructions for Posting and Sharing Your ChatGPT Interactions
- Title: The Dichotomy of AI: Mass Engagement Vs. Precious Data
- Author: Larry
- Created at : 2024-10-08 22:02:46
- Updated at : 2024-10-15 23:10:07
- Link: https://tech-hub.techidaily.com/the-dichotomy-of-ai-mass-engagement-vs-precious-data/
- License: This work is licensed under CC BY-NC-SA 4.0.