permiso.io
Malware Delivered via ChatGPT Links in New Cyber Attack Campaign
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Threat actors are exploiting ChatGPT's content-sharing feature to deliver malware through a campaign dubbed 'LLMShare.' This attack involves creating fake outage pages on the legitimate chatgpt.com domain, tricking users into downloading malicious software disguised as the ChatGPT desktop application. Google ads are used to lure victims searching for ChatGPT, leading them to these fraudulent pages. Once on the site, users see a fake message about high traffic and are prompted to download the malware. The malicious downloads target both Windows and macOS systems, with the Windows version executing commands to check for security software. The attackers utilize cloaking techniques to hide the true nature of the site from automated security tools. The campaign highlights a significant risk associated with the misuse of AI platform features for malicious purposes.
Key Points: • Threat actors exploit ChatGPT's sharing feature to host fake outage pages. • Malware is delivered through Google ads targeting ChatGPT-related searches. • The campaign uses cloaking techniques to evade detection by security tools.