Malware Delivered Through Phishing Pages on Legitimate ChatGPT Domains Raises Alarm
Threat actors are increasingly leveraging legitimate ChatGPT domains to deliver malware through phishing pages, according to a recent warning issued by Push Security. The cybersecurity vendor has highlighted a concerning trend in which hackers exploit ChatGPT’s advanced code-rendering capabilities to create counterfeit web pages that impersonate the popular AI platform. These phishing websites mislead victims into downloading malicious executables under the guise of a legitimate service.
The reports from Push Security indicate that these attacks resemble "InstallFix" strategies, a subset of the "ClickFix" attack family that the vendor documented earlier this year. This type of malicious activity takes advantage of the growing familiarity many users now have with command-line installation processes. That familiarity has an unfortunate side effect: many individuals lack the expertise to differentiate between legitimate terminal commands and nefarious ones.
Although specifics regarding the payload delivered through these phishing attacks are not entirely clear, there is a strong suspicion that it involves infostealer malware. Infostealer malware is notorious for capturing sensitive information from infected systems, thereby posing a significant threat to users’ privacy and data security.
To initiate these scams, victims are lured to the fraudulent pages via malicious Google ads, combined with strategies like SEO poisoning that enhance the visibility of these deceptive links. When unsuspecting victims click on these ads, they are redirected to a meticulously designed web page that mimics the ChatGPT brand. The page falsely claims a service outage due to overwhelming traffic and urges users to download a desktop version of the application to continue utilizing the service.
However, clicking the download link does not lead users to a legitimate application but rather directs them to a phishing site that closely resembles the ChatGPT interface. If users proceed by clicking the “download” button on this counterfeit site, they unwittingly install the malware on their devices.
One of the more troubling aspects of this attack is that the initial page is often hosted on a URL like chatgpt.com/s/, the path ChatGPT uses for shared conversations, which many security scanning tools recognize as trustworthy. Push Security has raised concerns that this effectively undermines traditional detection mechanisms. Furthermore, the second phishing page has been designed to detect security researcher activity, ensuring that it will not display if it senses that it is being scrutinized.
As noted in the vendor’s report, this sophisticated evasion tactic involves conditional rendering—a strategy that has become quite prevalent within the malvertising ecosystem. "Real users in a browser see the fake download page; automated scanners and bots, on the other hand, are presented with something that appears benign," the report elaborated. Such tactics complicate the efforts of security teams and threat intelligence services seeking to identify and analyze these threats.
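As an added example, not taken from the article or from Push Security's report, the following Python detection walks a set of constructed web-proxy log lines and flags the chain described above: a chatgpt.com/s/ share link, a pivot from it to an untrusted host, and then an executable download from an untrusted host within a short window. The log format, the trusted-host allowlist, the executable extensions and the time window are assumptions.

```python
import re
from collections import namedtuple
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Constructed sample proxy log lines (not real traffic): "<ts> <client> <method> <url> <referer>"
SAMPLE_LOGS = """\
2024-01-01T10:00:00 10.0.0.5 GET https://chatgpt.com/s/t_abc123 -
2024-01-01T10:00:04 10.0.0.5 GET https://lookalike.example/download https://chatgpt.com/s/t_abc123
2024-01-01T10:00:09 10.0.0.5 GET https://files.example/ChatGPT-Setup.exe https://lookalike.example/download
2024-01-01T10:05:00 10.0.0.7 GET https://chatgpt.com/s/t_def456 -
2024-01-01T10:05:30 10.0.0.7 GET https://chatgpt.com/c/xyz https://chatgpt.com/s/t_def456
""".splitlines()

SHARE_LINK = re.compile(r"^https://chatgpt\.com/s/")
# Assumed allowlist of first-party hosts; extend to match your own environment.
TRUSTED_HOSTS = {"chatgpt.com", "openai.com"}
EXEC_EXT = (".exe", ".msi", ".dmg", ".pkg", ".sh")
WINDOW = timedelta(minutes=5)

Hit = namedtuple("Hit", "client share_url pivot_url download_url")


def parse(line):
    """Split one constructed log line into (timestamp, client, url, referer)."""
    ts, client, _method, url, referer = line.split()
    return datetime.fromisoformat(ts), client, url, referer


def find_suspect_chains(lines, window=WINDOW):
    """Return a Hit for every client that opens a share link, pivots from it to an
    untrusted host, and then fetches an executable from an untrusted host in time."""
    state = {}  # client -> {"share": (ts, url), "pivot": url or None}
    hits = []
    for line in lines:
        ts, client, url, referer = parse(line)
        if SHARE_LINK.match(url):
            state[client] = {"share": (ts, url), "pivot": None}
            continue
        s = state.get(client)
        if not s or ts - s["share"][0] > window:
            continue
        if (urlparse(url).hostname or "") in TRUSTED_HOSTS:
            continue  # first-party traffic after the share link is expected
        if referer == s["share"][1]:
            s["pivot"] = url  # the share page sent the user off-platform
        if s["pivot"] and urlparse(url).path.lower().endswith(EXEC_EXT):
            hits.append(Hit(client, s["share"][1], s["pivot"], url))
    return hits
```

In production the window and allowlist should be tuned against real share-link traffic, since legitimate users also open chatgpt.com/s/ links and then browse elsewhere.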
Emergence of Variations Amidst a Broader Trend
The current campaign is part of a broader pattern of phishing attacks that capitalize on the features of chatbot platforms. For instance, Push Security has identified another series of attacks that utilize shared conversations from chatbot interactions. This feature allows users to generate unique URLs for their dialogues with the AI, which are then used to lure victims.
In these instances, attackers attract users through similar methods but present them with counterfeit content disguised as an installation guide for "Claude Code on Mac," falsely attributed to "Apple Support." The resulting deception includes a malicious curl command that, upon execution, downloads and runs malware on the victim’s device.
The cybersecurity vendor reported that both ChatGPT and Claude users are being targeted in these scams. The emergence of tactics aimed at both platforms indicates a possible coordinated campaign, or at least a shared playbook, wherein hackers are experimenting with diverse platforms and social engineering techniques to determine which methods yield the highest rates of success.
Furthermore, Push Security cautioned that four out of five ClickFix attack vectors are now emerging from search results, as opposed to email-based approaches. Malvertising strategies in these campaigns are often closely tailored to specific victim profiles, geographical locations, and other relevant attributes, rendering them even more effective.
As the landscape of cyber threats continues to evolve, the importance of vigilance cannot be overstated. Users are urged to remain cautious when downloading software and to verify the authenticity of the sources they engage with online. The rising incidence of phishing attacks utilizing established brands underscores the necessity for ongoing education and robust cybersecurity defenses.