Threat actors are exploiting the popularity of OpenAI's ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting vitims to phishing pages.
ChatGPT gained immense traction since its launch in November 2022, becoming the most rapidly growing consumer application in modern history with more then100 million users by January 2023.
This massive popularity and rapid growth forced OpenAI to throttle the use of the tool and launched a $20/month paid tier (ChatGPT Plus) for individuals who want to use the chatbot with no availability restrictions.
The move created conditions for threat actors to take advantage of the tool's popularity by promising uninterrupted and free-of-charge access to premium ChatGPT. The offers are galse and the goal is to lure users into installing malware or to provide account credentials.
Security researcher Dominic Alvieri was among the first to notice one such example using the domain [...] to infect visitors with the Redline info-stealing malware under the guise of a download for a ChatGPT Windows desktop client.
