Windows and Android devices are being targeted by malware distributed through fraudulent apps impersonating OpenAI's ChatGPT chatbot, BleepingComputer reports.
Threat actors have been leveraging the "chat-gpt-pc[.]online" domain promising a download of a free ChatGPT Windows desktop client, to distribute the Redline information-stealing malware, according to security researcher Dominic Alvieri, who also identified several phony ChatGPT apps in Google Play and other Android app stores.
Meanwhile, a report from Cyble showed that the domain identified by Alvieri also prompted Lumma stealer malware delivery. Attackers have also used the "chatgpt-go[.]online" domain to facilitate Aurora stealer and clipboard content-stealer malware deployment, while mysterious malware is being distributed via the "openai-pc-pro[.]online" domain.
On the other hand, more than 50 fake ChatGPT applications have been discovered by Cyble, including the SMS billing fraud app "chatGPT1," and the Spynote malware-laced "AI Photo."
Users have been advised that ChatGPT could only be accessed at 'chat.openai.com' and does not have any desktop or mobile apps yet.
Android devices on the latest version of the operating system were discovered to be impacted by a vulnerability that exposes DNS queries upon switching VPN servers despite the activation of the "Always-on VPN" functionality while blocking connections that do not have VPN, according to BleepingComputer.
BleepingComputer reports that online banking accounts across Finland were noted by the country's Transport and Communications Agency, or Traficom, to have been targeted by ongoing Android malware attacks.
BleepingComputer reports that numerous Android apps with over four billion downloads are susceptible to the novel Dirty Stream attack, which involves the exploitation of a flaw in Android's content provider system that could enable arbitrary code execution and secrets compromise.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news