As technology becomes more intelligent, so do threat actors. Today, a new analysis exposes how threat actors are using the popularity of ChatGPT to propagate malware on Facebook.

Researchers at CloudSEK discovered that threat actors use the popularity of the ChatGPT language model to deceive consumers into installing malware onto their devices.

Using the popularity of ChatGPT to propagate malware

Threat actors take control of Facebook accounts using previously compromised data, phishing techniques, and stealer logs. They then distribute malware through various channels such as Trello boards, Google Drive, and websites embedded within Facebook ads, all of which are disguised as the most recent version of ChatGPT.

The advertisements in question are designed to look like genuine links to ChatGPT’s most recent version. To make the advertisements appear more trustworthy, threat actors add a password to the download URL. After an account has been hijacked, these threat actors might obtain personal information and sell it on illicit forums to hackers who may then commit cybercrimes.

13 Facebook pages and accounts with a combined reach of 500,000 followers were found to be spreading malware through Facebook advertising, with the earliest occurrence dating back to February 13, 2023. Sometimes, threat actors also target newly formed accounts, some of which are as young as 0 days old!

“The malicious malware is not only capable of stealing sensitive information such as PII, system information, and credit card details from the user’s device, but it also has replication capabilities to spread across systems through removable media. With the ability to escalate privileges and persistently remain on the system, it poses a significant threat.”

According to the research, the group or individual threat actor uses a specific video to attract and engage the audience through hijacked accounts. At least 25 websites have been identified as attempting to impersonate OpenAI’s website.

How can you keep safe?

First and foremost, ChatGPT is not a downloadable application; it is used from the website. Hence, if you ever see a link to “download” ChatGPT, you may be certain it is a hoax.

Also, do not download files from unreliable sites on your mobile device or computer. Instead of downloading raw installation files, visit the Microsoft Store (on your Windows laptop) or Play Store (on Android) to get applications. This protects your data and eliminates the possibility of automatically distributing harmful links to your contacts. In addition, avoid suspicious advertisements and link-shortening services.
