Windows, Android malware deployed via fraudulent ChatGPT apps

Windows and Android devices are being targeted by malware distributed through fraudulent apps impersonating OpenAI's ChatGPT chatbot, BleepingComputer reports. Threat actors have been leveraging the "chat-gpt-pc[.]online" domain promising a download of a free ChatGPT Windows desktop client, to distribute the Redline information-stealing malware, according to security researcher Dominic Alvieri, who also identified several phony ChatGPT apps in Google Play and other Android app stores. Meanwhile, a report from Cyble showed that the domain identified by Alvieri also prompted Lumma stealer malware delivery. Attackers have also used the "chatgpt-go[.]online" domain to facilitate Aurora stealer and clipboard content-stealer malware deployment, while mysterious malware is being distributed via the "openai-pc-pro[.]online" domain. On the other hand, more than 50 fake ChatGPT applications have been discovered by Cyble, including the SMS billing fraud app "chatGPT1," and the Spynote malware-laced "AI Photo." Users have been advised that ChatGPT could only be accessed at 'chat.openai.com' and does not have any desktop or mobile apps yet.