Be Careful: A Fake ChatGPT Desktop Application Contains Data-Stealing Malware


ChatGPT, the artificial intelligence (AI) chatbot made by OpenAI, is on the rise and is used by many people around the world. Bad actors are now exploiting ChatGPT's popularity to spread malicious software (malware) that can steal login data from Google Chrome.


The malware masquerades as a desktop ChatGPT application. Users should be wary of this fake desktop ChatGPT application, which contains data-stealing malware.


The reason is that, until now, ChatGPT has only been officially available through the website at www.chat.openai.com. ChatGPT is not available as a desktop or mobile application.



The fake ChatGPT desktop application containing data-stealing malware was first discovered by a research team from the cybersecurity platform Trend Micro.


In a thread on Twitter, Trend Micro Research revealed a zip archive file named "ChatGPT For Windows Setup 1.0.0.exe".


The file contains "infostealer" malware. When the file was installed, Trend Micro Research found ChatGPTSupport.exe and an infostealer payload running in the background.


This malware can extract and decrypt accounts, cookies and history from Chromium-based web browsers, one of which is Google Chrome.


When opening the fake desktop ChatGPT application, the user is presented with the OpenAI logo and a message reading "Welcome to ChatGPT. Log in with your OpenAI account to continue". Below it are "Log in" and "Sign up" icons.


According to Trend Micro Research, the fake desktop ChatGPT client application connects to various domains such as api.telegram.org, facebook.com, graph.facebook.com (to get data in and out of the Facebook platform), and hapi.aiforopen.com.
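
As an added example (not from Trend Micro or the original article), the indicators above can be turned into a simple triage check over endpoint events. The event format, the list of expected client processes, the file paths and the sample records are assumptions constructed for illustration; only the file names and domains come from the article.

```python
# Added example: indicator values come from the article; everything else is assumed.
from dataclasses import dataclass

# File names and domains named in the article.
FAKE_FILES = {"chatgpt for windows setup 1.0.0.exe", "chatgptsupport.exe"}
DEDICATED_DOMAINS = {"hapi.aiforopen.com"}  # no everyday legitimate traffic expected
SHARED_DOMAINS = {"api.telegram.org", "graph.facebook.com", "facebook.com"}
# Assumption: processes normally expected to reach the shared services.
EXPECTED_CLIENTS = {"chrome.exe", "msedge.exe", "firefox.exe", "telegram.exe"}

@dataclass
class Event:      # hypothetical normalized EDR/DNS record
    host: str
    image: str    # full path of the process
    domain: str   # queried domain, "" for process-start events

def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def triage(event):
    """Return (severity, reason), or None when nothing matches."""
    proc = basename(event.image)
    domain = event.domain.lower().rstrip(".")
    if proc in FAKE_FILES:
        return ("high", f"file name from the report: {proc}")
    if domain in DEDICATED_DOMAINS:
        return ("high", f"domain from the report: {domain}")
    # Legitimate services: only suspicious when an unexpected process calls them.
    if domain in SHARED_DOMAINS and proc not in EXPECTED_CLIENTS:
        return ("medium", f"{proc} contacted {domain}")
    return None

# Constructed sample events, not real telemetry.
SAMPLE = [
    Event("pc-01", r"C:\Program Files\Google\Chrome\Application\chrome.exe", "facebook.com"),
    Event("pc-02", r"C:\Users\a\Downloads\ChatGPT For Windows Setup 1.0.0.exe", ""),
    Event("pc-02", r"C:\Users\a\AppData\Local\Temp\ChatGPTSupport.exe", "api.telegram.org"),
    Event("pc-03", r"C:\Users\b\AppData\Roaming\updater.exe", "HAPI.aiforopen.com."),
    Event("pc-04", r"C:\Users\c\AppData\Roaming\helper.exe", "graph.facebook.com"),
]

def run(events):
    return [(e.host, *hit) for e in events if (hit := triage(e))]

if __name__ == "__main__":
    for row in run(SAMPLE):
        print(row)
```

The browser visiting facebook.com is not flagged, while an unknown process calling graph.facebook.com is only a medium-severity lead because that domain is widely used by legitimate software.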

