Europol is worried that hackers can use generative artificial intelligence (AI) services like ChatGPT and Google Bard to code malware and other fake apps that can trick unsuspecting users. And security researchers have already shown how easy it is to manufacture undetectable malware with the help of ChatGPT, despite the protections OpenAI built into its large language model.
But there’s another dangerous type of malware attack going around, which doesn’t actually use the powers of ChatGPT to create fake apps. Instead, security researchers found that malicious individuals use extensions and apps masquerading as legitimate ChatGPT or Google Bard apps. They can then use these apps as vectors to deploy data-stealing malware.
It all starts with ChatGPT and Google Bard downloads
The attack is quite simple, and it’s the unfortunate result of OpenAI’s ChatGPT business model. One that Microsoft and Google also follow.
OpenAI doesn’t have specialized ChatGPT apps for different operating systems. The generative AI is available via web browsers on any device. But plenty of companies have created legitimate AI apps for various platforms. iOS is one such example, as iPhone offers access to plenty of great ChatGPT apps.
There’s also an increasing number of browser extensions that make using ChatGPT easier than going to OpenAI’s website.
Therefore, users are already trained to seek easier ways to access ChatGPT. Google Bard isn’t even widely available, but fake apps would get plenty of attention. Malicious actors only have to get unsuspecting users to install the fake ChatGPT or Google Bard extensions or apps on their machines.
How the malware attacks work
YouTuber John Hammond showed in a video the myriad of ChatGPT apps and extensions available to download right now. The clip is based on Guardio’s report detailing a fake ChatGPT Chrome Extension that distributed malware to targets.
Users who installed the app would be at risk of the malware stealing access to their Facebook accounts. Attackers could hijack those accounts for malicious purposes, including paying for ads with the user’s money. The malware would also extract user data, which hackers can sell online or use for additional attacks.
Moreover, the malware can even deploy a fake Facebook app that can further control your profile and pages. The app looks like the real thing but has all permissions enabled, giving hackers complete control over a Facebook profile and page.
The attack consists of two steps and has nothing to do with the massive powers of ChatGPT. The AI isn’t involved at all in the process.
First, the hackers deploy malware-as-a-service software. Specifically, we’re looking at the RedLine Stealer malware, which sells for around $150 on the dark web.
The attackers then try to steal the credentials of a Facebook business or community account with thousands of followers. After that, they use the Facebook pages to deploy sponsored posts that promote free downloads of ChatGPT and Google Bard apps. When users download the fake apps, they actually get the RedLine Stealer malware.
The malware can then steal sensitive information from the users who installed the fake apps. Your credit card details and other saved credentials inside the browser might be at risk. The same goes for other data on your computer.
How to defend against fake ChatGPT apps
According to Veriti’s information, the attacks based on the popularity of AI apps like ChatGPT and Google Bard have been on a steady rise since January, showing a massive increase in March. The trend will probably continue as long as unsuspecting users keep falling for fake AI apps.
You should run antivirus software on your devices and install the latest security patches to increase the chances of detecting malware apps running on your machines. You might also want to run ChatGPT in a separate browser from the one you use for Facebook and other popular sites. That way, you might reduce the scope of the attacks.
But the easiest way to protect yourself against such attacks is not to download any ChatGPT app or extension until you verify that it’s authentic. Search online for more information about the app, and see who is behind it.
You should not trust any Facebook ads promoting such apps, as you might be at risk of downloading ChatGPT or Google Bard malware instead of the real thing.
Also, ensure you download apps and extensions from trusted stores only after verifying their authenticity.
You should avoid opening any suspicious files and emails you receive to reduce the risk of installing malware that can steal Facebook credentials.
Finally, you should use a strong, unique password for your Facebook account, especially if you manage pages and communities with many followers. And you might want to change that password frequently to make the attackers’ job more difficult.