Threat actors always look for what's gaining popularity at the moment in order to exploit it. Right now, people are trying to see what ChatGPT is capable of, which led hackers to create fake versions that contain malware for Windows and Android devices.
Fake ChatGPTs
With the surge of users trying out OpenAI's chatbot, the numbers hit 100 million by January 2023. Many can fall victim to the new malware distribution tactic or be led to phishing pages in an attempt to steal personal or sensitive information.
Adding in the fact that ChatGPT's availability is limited during its peak hours and users need to pay $20 per month for unrestricted access, the hackers used this opportunity to lure in victims with the promise of free access to the premium version of ChatGPT.
Of course, there is no such thing. Instead, the users who attempt to try the offer out will be installing malware on their devices, or they will be asked to provide account credentials, as pointed out by Bleeping Computer.
Users who open the "chat-gpt-pc.online" domain will be infected with Redline, an information-stealing malware that appears as a download for a ChatGPT Windows desktop client, according to Dominic Alvieri, a security researcher.
There have also been promoted fake pages found on Facebook. One, in particular, has over 4.3 followers and 4.1 likes, as of writing. Its latest post contains a link that claims to be a free GPT chat for PC. However, the link leads to a phishing page.
To keep up the act, the page also posts that appear like genuine content like videos or announcements from OpenAI. However, if you scroll down further, there are posts that indicate that the page isn't officially OpenAI.
As mentioned in Cyble, a post also mentions Jukebox, which is a tool created by OpenAI to enhance the creation of music and audio. The link included in the caption leads to a domain that appears like OpenAI's website.
It shows a button where users can download ChatGPT for Windows, but is actually a file that holds harmful executable files. Upon execution, the stealer malware within the file will start gathering sensitive data without the user noticing.
Where Can I Find the Fake ChatGPTs?
It's safer to assume that you will always be encountering false sites that hackers created to look like the real thing. It's also harder to distinguish the fake ones from the real ones since threat actors clone the actual website and replace the links with malicious ones instead.
There are also fake ChatGPT apps that are even being promoted on Google Play as well as third-party Android app stores, according to reports. This will in turn push malware into the devices used to open or download from the infected links or sites.
Cyble already discovered 50 malicious applications that use ChatGPT's popularity and name to lure victims into downloading malware. One of them is a credit card stealing page with the domain "pay.chatgptftw.com" which poses as a site for buying ChatGPT Plus.
For the sake of being safe, it's important to know that ChatGPT has no other sites but https://chat.openai.com, and there are also no mobile or desktop apps for the OpenAI chatbot.