Hackers are now using ChatGPT share links to deliver malware
Researchers have uncovered a new malware campaign utilizing legitimate domains to deliver infostealer malware through a method called 'LLMShare.' This approach exploits the share features of popular chatbots like ChatGPT, tricking users into downloading malicious software. Hackers are increasingly leveraging AI to enhance their tactics and create more convincing social engineering schemes.
- The campaign uses sponsored Google ads targeting terms related to ChatGPT to lure victims.
- Users are directed to a fake page that mimics a legitimate ChatGPT share link, making it difficult for security measures to detect.
- The malware targets both Windows and macOS users, with specific payloads designed for each operating system.
Opening excerpt (first ~120 words)
Researchers at Push Security have identified a new campaign by threat actors that delivers infostealer malware through legitimate domains, tagged "LLMShare." Basically, "LLMShare" works by abusing the share features of popular LLM chatbots like ChatGPT. The attackers render a custom HTML layout directly on the legitimate domain to display a fake system maintenance message like "we're experiencing high traffic right now," to simulate a crash, and try to get you to download their desktop app.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Neowin.