Hackers are using fake ChatGPT apps to attack Windows and Android users.
Over 50 fake apps have been tracked, a number of which are on Google Play Store.
- Security researchers have tracked fake domains such as chat-gpt-pc(.online).
- This domain was being marketed through Facebook ads as the real version of ChatGPT. Once users clicked on the link, they were redirected to a phishing website where their login credentials were targeted.
- Other domains, such as pay.chatgptftw(.com), contained fake landing pages where users were directed to put in their banking information, putting them at risk of having their entire funds stolen.
- One of the apps that were highlighted by researchers is named AI Photo. This app drops the Spynote malware, enabling hackers to steal call logs, contact lists, SMS, and files.
