Smartphone users are increasingly being targeted by Android malware disguised as ChatGPT apps, according to a report by Palo Alto Networks.
A blog titled ‘Android Malware Impersonates ChatGPT-Themed Applications’ showed that the Android malware pretending to be the popular AI Chatbot, ChatGPT emerged following the release of OpenAI’s GPT-3.5 and GPT-4, targeting users interested in using the ChatGPT tool.
There are two active malware clusters - Meterpreter Trojan disguised as a “SuperGPT” app, it is created using the Metasploit framework, and a “ChatGPT” app that sends premium-rate text messages to numbers in Thailand, resulting in charges for the victims that are pocketed by threat actors, the study noted.
Also read: Zoho to build ChatGPT-like large language mode
Considering, Android users can download applications from various sources such as websites or links in emails other than the official Google Play store, there is potential for users to obtain applications that have not been vetted by Google.
Previous studies on malware disguising itself as a ChatGPT-related tool has discovered that scammers were utilizing the popularity of ChatGPT to launch assaults. Threat actors are using similarly worded domain names to trick victims into giving away personal information or downloading malware, the finding discovered.
Other threats
Another type of threat is Certificate Attribution- the digital code-signing certificate used to sign the sample belongs to the attacker in the malware samples and is associated with an attacker identified as “Hax4Us.” The certificate has been used across multiple malware samples.
A cluster of malware samples, masquerading as ChatGPT-themed apps, sends SMS messages to premium-rate numbers in Thailand. These numbers incur charges for the victims, facilitating scams and fraudulent activities, was also seen.
Mobile users should take proactive precautions against this kind of infection, such as installing reliable antivirus software, exercising caution when downloading apps from unofficial sources, and keeping their devices up to date with the most recent security patches, the company noted.
With inputs from BL Intern Shayna Cedric
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.