This malware steals social media credentials under ChatGPT app disguise
Synopsis
According to cybersecurity firm Kaspersky, cybercriminals are distributing the malware via Facebook communities, offering a fake desktop version of ChatGPT.
By IANS
Last Updated:
A team of researchers have identified a new and ongoing malware campaign that capitalises on the increasing popularity of the ChatGPT AI chatbot, a new report said on Thursday.
"This campaign targeting ChatGPT is a prime example of how attackers are leveraging social engineering techniques to exploit the trust that users place on popular brands and services. It is important for users to understand that, just because a service appears to be legitimate, it doesn't mean that it is," said Darya Ivanova, a security expert at Kaspersky.
Other than the bot, users are infected with the Fobo Trojan, which steals sensitive data such as Facebook, TikTok, and Google account credentials, as well as personal and corporate financial information.
When users click on the link in the post, they are directed to a well-designed website that looks almost identical to the official ChatGPT website, said the report.
The website then directs users to download a purported ChatGPT version for Windows, which is actually an archive containing an executable file.
The installation process then begins but abruptly ends with an error message stating that the programme could not be installed.
In fact, the installation of the program proceeds without the users' knowledge and a new stealer Trojan, Trojan-PSW.Win64.Fobo, is installed on the user's computer, according to the report.
This Trojan is intended to steal information about saved accounts from browsers such as Chrome, Edge, Firefox, and Brave.
As part of the attack, the Trojan steals login credentials as well as attempts to obtain additional information, such as the amount of advertising money and the current balance of the business accounts.
The attackers are going after the global market. Users in Africa, Asia, Europe, and America have been targeted by the fraudulent "desktop client" for ChatGPT, the report mentioned.
ADVERTISEMENT
According to cybersecurity firm Kaspersky, cybercriminals are distributing the malware via Facebook communities, offering a fake desktop version of ChatGPT.Elevate Your Tech Prowess with High-Value Skill Courses
Offering College | Course | Website |
---|---|---|
Indian School of Business | Professional Certificate in Product Management | Visit |
IIT Delhi | Certificate Programme in Data Science & Machine Learning | Visit |
Indian School of Business | ISB Product Management | Visit |
Other than the bot, users are infected with the Fobo Trojan, which steals sensitive data such as Facebook, TikTok, and Google account credentials, as well as personal and corporate financial information.
When users click on the link in the post, they are directed to a well-designed website that looks almost identical to the official ChatGPT website, said the report.
The website then directs users to download a purported ChatGPT version for Windows, which is actually an archive containing an executable file.
ADVERTISEMENT
The installation process then begins but abruptly ends with an error message stating that the programme could not be installed.
In fact, the installation of the program proceeds without the users' knowledge and a new stealer Trojan, Trojan-PSW.Win64.Fobo, is installed on the user's computer, according to the report.
ADVERTISEMENT
This Trojan is intended to steal information about saved accounts from browsers such as Chrome, Edge, Firefox, and Brave.
As part of the attack, the Trojan steals login credentials as well as attempts to obtain additional information, such as the amount of advertising money and the current balance of the business accounts.
ADVERTISEMENT
The attackers are going after the global market. Users in Africa, Asia, Europe, and America have been targeted by the fraudulent "desktop client" for ChatGPT, the report mentioned.