A new malware campaign has been discovered that exploits the growing popularity of the ChatGPT AI chatbot. According to a statement from Kaspersky Lab, cybercriminals are spreading malware through Facebook communities by offering a fake desktop version of ChatGPT.
Instead of a chatbot, users get a Trojan called Fobo that steals sensitive information such as Facebook, TikTok and Google accounts, as well as personal and corporate financial data.
The company’s researchers recently discovered an active malicious campaign targeting users of ChatGPT, an artificial intelligence chatbot that has been attracting attention from IT enthusiasts, influencers, content creators and others for the past few months.
Cyber-scammers create social media groups that impersonate official OpenAI accounts or at least look like communities of ChatGPT enthusiasts.
These scam groups post what appears to be official news about the program and promote a program that pretends to be a desktop client for ChatGPT.
When users click on a link in a post, they are taken to a well-designed website that looks almost identical to the official ChatGPT website. The site asks the user to download a supposed Windows version of ChatGPT, which is actually an executable archive. The installation process starts but stops abruptly with an error message stating that the program could not be installed. Users may think that the program simply did not install and forget about it.
In fact, the program is installed without the users’ knowledge and a new Trojan, Trojan-PSW.Win64.Fobo, is installed on the user’s computer. This Trojan is designed to steal saved account information from various browsers, including Chrome, Edge, Firefox, and Brave, etc.
The attackers behind the Trojan are particularly interested in stealing cookies and login data from Facebook, TikTok and Google accounts, especially corporate ones. The Trojan steals this data and tries to obtain additional information, such as the amount of money spent on advertising and the current balance of business accounts.
The attackers are targeting the global market. Users from Africa, Asia, Europe and America have already fallen victim to this fake ChatGPT app.
Some safety tips:
- Be careful when downloading software from the Internet, especially if it is from an unofficial site. Always try to download software from the official website of the company or service you use.
- Check if the website you are downloading the software from is legitimate. Look for a “lock” icon in the address bar and make sure the website’s URL starts with “https://” to make sure the site is secure.
- Use strong, unique passwords for each of your personal accounts and enable two-factor authentication whenever possible. This can help protect your accounts from malicious attacks.
- Be wary of suspicious links or emails from unknown sources. Fraudsters often use social engineering techniques to trick users into clicking on links or downloading malware.
- Use a reliable security solution and keep it up to date.
Photo source: Dreamstime.com
Source: Hot News
Lori Barajas is an accomplished journalist, known for her insightful and thought-provoking writing on economy. She currently works as a writer at 247 news reel. With a passion for understanding the economy, Lori’s writing delves deep into the financial issues that matter most, providing readers with a unique perspective on current events.