The cyber security company Kaspersky warned that ChatGPT, the artificial intelligence of the moment, is used by malicious actors. Cybercriminals have created fake apps, very similar to the original one, to steal personal data.
According to the company’s experts, the scammers create groups on social networks that convincingly imitate the official accounts of the laboratory of OpenAI artificial intelligence or ChatGPT enthusiast community. That’s why it’s always better to use the web versions of these programs and not download the executables.
Thus, threat actors upload seemingly official posts with news about the service and promote a program disguised as a desktop client for ChatGPT.
Once users click on the link in the post, they are taken to a well-designed website that looks almost identical to the official ChatGPT page. But it’s a scam that steals your credentials by entering your username and password.
The login data is then used by cybercriminals to commit multiple crimes, from identity theft until the accounts are cleared.
Hundreds of ChatGPT records
In addition to Kaspersky, various cybersecurity researchers have already discovered thousands of newly registered domains that they use the term “ChatGPT”. While not all of these domains will be pooled for criminal purposes, some of them are already being used this way.
Cybersecurity researcher Dominic Alvieri shared his findings on social media regarding the fake ChatGPT websites he found, which attempt to spread malware and steal private information from victims.
According to Alvieri, and as first reported on the specialized site Bleeping Computer, one of these websites “chat-gpt-pc.online” was offered as a local downloadable application for Windows.
Alvieri discovered that this download would inject users with information-stealing malware (thief) Red line. This virus steals information stored in users’ applications, such as their web browser.
For example, if a user does Google Chrome memorize yours Passwords or your credit card information, this malware can extract the data and send it to the hacker. And from there they take advantage of it to commit crimes.
In addition to targeting Windows users, Alvieri also found rogue apps from ChatGPT on Google Play Store, with which Android would be under the eyes. Upon download, these apps distribute similar phishing campaigns to steal users’ information.
more red flags
On the other hand, cybersecurity firm Cyble discovered how pervasive it was becoming, by discovering more than 50 Fake ChatGPT Apps.
And Cyble’s report found some interesting ways that cybercriminals were also trying to rip off their victims. One download installed a program called “chatGPT1”, which does not provide any artificial intelligence utility, but secretly subscribes its target to numerous paid services in what is known as SMS billing fraud.
Those who want to use ChatGPT without getting scammed should go directly to the OpenAI website at the official URL or their new domain.
Therefore, as ChatGPT continues to grow its user base and especially after introducing a paid item through its membership plan of $20 a monthusers should beware of bad faith actors trying to steal their information and exploit the trend of artificial intelligence.
Source: Clarin
Linda Price is a tech expert at News Rebeat. With a deep understanding of the latest developments in the world of technology and a passion for innovation, Linda provides insightful and informative coverage of the cutting-edge advancements shaping our world.