Skip to main content

Scammers are spoofing ChatGPT to spread malware

ChatGPT on mobile phone

ChatGPT has blown up in just a few months' time, becoming the fastest growing app of all time.

So, of course, hackers are already weaponizing the popularity of OpenAI's artificial intelligence chatbot in order to scam internet users.

Cybersecurity researchers have already uncovered hundreds of recently registered domains utilizing the term "ChatGPT." While not all of these domains will be weaponized for nefarious purposes, some of them already are being used in that way.

Cybersecurity researcher Dominic Alvieri has shared his findings on social media regarding the fake ChatGPT websites that he's come across, which try to spread malware and steal victims' private information. 

According to Alvieri, and as first reported by Bleeping Computer, one such website "chat-gpt-pc.online" attempted to convince visitors to its page that ChatGPT was offered as a downloadable local application for Windows. Alvieri found that this download would inject users with the RedLine information-stealing malware. Essentially, this malware steals stored information in users' applications, such as their web browser. For example, if a user has Google Chrome store their passwords or credit card information, this malware can pull the data and send it to the hacker.

In addition to the targeting of Windows users, Alvieri also found fake ChatGPT apps in the Google Play Store. Upon download, these apps would deploy similar phishing campaigns to steal users' information.

A new report from cybersecurity firm Cyble found just how widespread this was becoming, discovering more than 50 fake ChatGPT apps. And the Cyble report found some interesting ways hackers were attempting to steal from their victims too. One download installed a program called "chatGPT1." It provides no AI utility but does secretly subscribe its target to numerous paid services in what's known as SMS billing fraud.

Those looking to actually use ChatGPT without getting scammed should go directly to the OpenAI website at the url https://chat.openai.com, or its recently acquired domain, AI.com.

As ChatGPT continues to grow its user base and especially so after unveiling a paid element via its $20 per month subscription plan, users should be alert for bad faith actors looking to steal their information and cash in on the AI trend.



from Mashable https://ift.tt/W0rPxEj
https://ift.tt/NTqDSVM
Labels:

Comments

Post a Comment

Popular posts from this blog

When the clocks change for Daylight Saving Time, and why we do it at all

The clocks on our smartphones do something bizarre twice a year: One day in the spring, they jump ahead an hour, and our alarms go off an hour sooner. We wake up bleary-eyed and confused until we remember what just happened. Afterward, "Daylight Saving Time" becomes the norm for about eight months (And yes, it's called "Daylight Saving" not "Daylight Savings." I don't make the rules). Then, in the fall, the opposite happens. Our clocks set themselves back an hour, and we wake up refreshed, if a little uneasy.  Mild chaos ensues at both annual clock changes. What feels like an abrupt and drastic lengthening or shortening of the day causes time itself to seem fictional. Babies and dogs demand that their old sleep and feeding habits remain unchanged. And more consequential effects — for better or worse — may be involved as well (more on which in a minute). Changing our clocks is an all-out attack on our perception of time as an immutable law of ...
Post a Comment
Read more

Install Ngrok in Termux without error

  Install Ngrok in Termux without error 2022||ANISH SAHU|| Well Hello there welcome to techy Teacher Today in this Blog I will teach you how you can install or configured ngrok in Termux. What is Ngrok ? ngrok is a cross-platform application that allows developers to quickly and easily expose a local development server to the internet. The software system makes your locally hosted net server appear to be hosted on a subdomain of ngrok.com, which eliminates the need for a public science or a name on the native computer. What is Ngrok used for ? ngrok allows you to expose a web server operating on your local machine to the internet. Simply specify the port on which your internet server is listening to ngrok. Is Ngrok safe to use...? ngrok could be a tunnelling reverse proxy that establishes secure tunnels from a public termination to a regionally running network service while collecting and replaying all traffic. On GitHub, it's an associate degree ASCII text file project. Open rever...
1 comment
Read more