ChatGPT, the chatbot designed by OpenAI which is capable to generate a surprisingly human-like response to users’ queries, has taken the world by storm ever since its prototype launch in November 2022. From companies to users, the chatbot is seeing vast usage for a range of cases around the world, from assisting court judges to helping school kids take care of their assignments. Now, a group of researchers have discovered a fresh malware campaign that is cashing on the rising popularity of ChatGPT, as per cybersecurity firm Kaspersky.
The firm identified that bad actors are distributing the malware via communities on Facebook, sharing a fake version of ChatGPT on the desktop to unsuspecting users.
Kaspersky security expert Darya Ivanova said, “This campaign targeting ChatGPT is a prime example of how attackers are leveraging social engineering techniques to exploit the trust that users place in popular brands and services. It is important for users to understand that, just because a service appears to be legitimate, it doesn’t mean that it is.”
ALSO READ: How ChatGPT Can Come To Teachers’ Aid Despite Downsides
Users are reportedly being infected with the Fobo Trojan, which can steal data such as Facebook, TikTok, and Google account credentials, as well as personal and corporate financial information. When unsuspecting users click on the link in the post, they are directed to a professionally designed website that looks almost identical to OpenAI’s own ChatGPT platform.
The fake website then directs users to download a fake ChatGPT version for Windows, which is actually an archive containing an executable file. The installation process then begins but abruptly ends with an error message stating that the programme could not be installed.
ALSO READ: MeitY Working On WhatsApp Chatbot That Uses Data From ChatGPT
In fact, the installation of the program proceeds without the users’ knowledge and a new stealer Trojan, Trojan-PSW.Win64.Fobo, is installed on the user’s computer, according to the report.
This Trojan is intended to steal information about saved accounts from browsers such as Chrome, Edge, Firefox, and Brave.
As part of the attack, the Trojan steals login credentials as well as attempts to obtain additional information, such as the amount of advertising money and the current balance of the business accounts. The attackers are reportedly going after the global market. Users in Africa, Asia, Europe, and America have been targeted by the fraudulent “desktop client” for ChatGPT, the report mentioned.
(With inputs from IANS)