ChatGPT has gained immense popularity as soon as it first became available on November 30, 2022. However, its very popularity has ensured that scammers try to take advantage of gullible users by rolling out fake ChatGPT AI chatbots. In fact, ChatGPT has presented an enormous opportunity for scammers to launch malware attacks and it has now acquired dangerous proportions. In the past few months, several apps and software masquerading as ChatGPT-tools have been rolled out. In the latest development, as per researchers at Palo Alto Networks’ Unit 42, a new wave of malware variants has surfaced simultaneously with the launch of OpenAI’s GPT-3.5 and subsequently GPT-4. These malicious software variations specifically target users who are interested in using the ChatGPT tool.
Further investigation by the researchers has identified two distinct types of active malware. The first one masquerades as a “SuperGPT” app but in reality, it is a Meterpreter Trojan. It is a GPT-4 powered AI assistant, able to perform tasks such as writing emails, answering questions, and writing articles. Moreover, it also comes equipped with speech recognition and language translation.
The second variant poses as a “ChatGPT” app, but instead sends messages to premium-rate numbers located in Thailand. If successfully exploited, the malicious version of this application allows the hackers to remotely access an Android device. Furthermore, all of these APK samples possess the OpenAI logo, commonly associated with ChatGPT, as their application icon. This further contributes to the deceptive narrative that these applications are somehow connected to the ChatGPT AI tool.
Researchers have warned that the emergence of APK malware themed around ChatGPT presents a grave threat to the security and privacy of mobile devices. Such malware variants have the potential to steal sensitive information, engage in unauthorized spying of user activities, and cause substantial financial harm.
What should ChatGPT users do?
- In order to safeguard yourself against this kind of malware, you should adopt proactive measures. These include installing reliable antivirus software on your smartphone.
- Also, exercise caution when downloading apps from third-party sources.
- Always download the apps from reliable sources. Also, always read thoroughly and verify who the creator of the app is before downloading.
- Keep regularly updating your devices with the latest security patches whenever they are available.