Fake ChatGPT apps can steal your banking info — here's how
Hackers are creating fake ChatGPT apps to distribute malware
Hackers are taking advantage of ChatGPT's popularity to distribute malware via Windows and Android apps, leading the unaware to pages that bait them for their information.
Since its November 2022 launch, ChatGPT's fame skyrocketed, culminating to a whopping 100 million users by January 2023. As a result of its explosive growth, Open AI throttled the platform for free users and introduced ChatGPT Plus, a $20-a-month subscription for those who want to use the AI chatbot without limitations.
Consequently, threat actors have been offering complimentary, uninterrupted, throttle-free access to ChatGPT, and of course, this is all a ruse.
How fake ChatGPT apps affect your PC
What's the goal of these fake ChatGPT apps? Cybercriminals want to seduce users into relinquishing their account credentials.
How do these phishing attacks play out? Take cybersecurity researcher Dominic Alvieri's recent discovery, for example. He found "chat-gpt-pc.online," a fake domain that masqueraded as a legitimate source for ChatGPT downloads. Users who took the bait ended up being infected with RedLine, an information-stealing malware that can snatch data from web browsers, cryptocurrency wallets, and apps such as Steam, Discord and Telegram.
Google third-party .org and .me app stores pushing unofficial Chat GPTs. pic.twitter.com/6nPbd3bDsaFebruary 13, 2023
After further research, Alvieri also located other fake ChatGPT apps in the Google Play Store that was promoting the devious malware to unsuspecting users. Security research firm Cyble reported that hackers using ChatGPT's popularity is a growing and significant concern.
Cyble discovered malicous domains such as chatgpt-go.online, chat-gpt-pc[.]online, and openai-pc-pro[.]online. The scariest discovery Cyble made was that of a credit card stealing page, "pay.chatgptftw.com," which offered victims a payment portal to buy access to an inauthentic ChatGPT Plus service.
Stay in the know with Laptop Mag
Get our in-depth reviews, helpful tips, great deals, and the biggest news stories delivered to your inbox.
Cyble said it found over 50 malicious apps that use ChatGPT's logo, icons, and similar naming conventions to bait users. Two of the most nefarious abusers that Cyble shared are ChatGPT1, a fraudulent SMS billing application, and AI Photo, which contains Spynote malware that can steal personal data from your phone, including call logs, contacts lists, files, and SMS messages.
To be clear, the only proper place online to play with the popular ChatGPT is "chat.openai.com." There are no ChatGPT official mobile or desktop apps available at this time. If you run into any applications that claim to be associated with ChatGPT, watch out! They're probably fakes.
Mark has spent 20 years headlining comedy shows around the country and made appearances on ABC, MTV, Comedy Central, Howard Stern, Food Network, and Sirius XM Radio. He has written about every topic imaginable, from dating, family, politics, social issues, and tech. He wrote his first tech articles for the now-defunct Dads On Tech 10 years ago, and his passion for combining humor and tech has grown under the tutelage of the Laptop Mag team. His penchant for tearing things down and rebuilding them did not make Mark popular at home, however, when he got his hands on the legendary Commodore 64, his passion for all things tech deepened. These days, when he is not filming, editing footage, tinkering with cameras and laptops, or on stage, he can be found at his desk snacking, writing about everything tech, new jokes, or scripts he dreams of filming.