According to Kaspersky IT security researchers, hackers continue to ride on the success of ChatGPT. In particular, experts have identified a campaign aimed at Windows computers.
In the beginning, scammers created Fake OpenAI accounts, named after the startup behind the chatbot, on social networks. Through these accounts, they have widely shared advertisements for the alleged official ChatGPT Windows application. However, this desktop version simply does not exist…
“This campaign is a prime example of how attackers can take advantage of social engineering techniques to exploit users’ trust in popular brands and services.”explains Daria Ivanova, security expert at Kaspersky.
Also Read: Books by ChatGPT are Rising at Amazon
How do hackers deceive their victims?
During the investigation, Kaspersky discovered a large number of groups Compiled by social media hackers. These groups bring together a large community of techies who are attracted to ChatGPT. The pirates share OpenAI accounts already created.
These accounts must be able to converse with the AI. It is not surprising that hackers mainly target live internet users In countries without access to ChatGPT. In fact, OpenAI blocks chatbot access in Russia, China, Egypt and Iran. The startup chose not to deploy its chatbot in countries run by an authoritarian regime.
To check the whereabouts of Internet users, the company requests a phone number when registering. According to Kasperksy, hackers are browsing for ChatGPT not to be available in these countries to trick their victims. Netizens, curious to test artificial intelligence, are looking for workarounds.
To further incentivize potential users, the attackers say that each account already has $50 in its balance, which can be spent on using the chatbot.Kaspersky explains.
In these largely Russian-speaking groups, scammers also share messages containing a download link for the fake Windows application. This link depends on A website imitating the OpenAI interface. Then the Internet user is asked to download the installation file.
This is when the trap closes. The file already contains files Trojans, it is called Trojan-PSW.Win64. fobo. During the installation of the fake Windows client, the process will suddenly stop, making the netizen think that the file did not work. However, behind the scenes, the installation file introduced malware into the computer.
Once installed, the malware will Collect all cookies stored on a computer’s hard drive. Deposited by websites, these small files contain information that is sometimes valuable to hackers. Thanks to cookies, hackers can bypass the anti-fraud or anti-hacking mechanisms of online platforms.
Above all, the malware will siphon the identifiers (username and password) of the Facebook, TikTok, and Google accounts connected to the computer. Instead, it targets business accounts, and Tries to obtain additional information, such as the amount of money spent on advertising.. An attacker could take control of these accounts or resell them en masse on the dark web for cryptocurrency. The Trojan can steal data through various browsers including Chrome, Edge, Firefox, and Brave.
One solution to use ChatGPT
Likewise, unscrupulous developers try to make money from ChatGPT. In the App Store and Play Store, there are many applications that are an official solution. To access the free version of the chatbot, the developers charge expensive monthly subscriptions. When asked about the question by 01Net, ChatGPT also warns netizens:
“It is unfortunately common to see rogue apps or fake accounts impersonating legitimate services like ChatGPT”.
For dialogue with ChatGPT, we recommend that you go to On the official OpenAI website. At this point, there is no official Windows client or smartphone app. However, the startup will be working on a mobile app, but the release date is still unknown.
