Threat of Android malware disguised as ChatGPT app on the rise: Report

BL Bengaluru Bureau Updated - June 16, 2023 at 06:19 PM.

Previous studies on malware disguising itself as a ChatGPT-related tool have discovered that scammers were utilizing the popularity of ChatGPT to launch assaults

Smartphone users are increasingly being targeted by Android malware disguised as ChatGPT apps, according to a report by Palo Alto Networks.

A blog titled ‘Android Malware Impersonates ChatGPT-Themed Applications’ showed that Android malware pretending to be the popular AI chatbot ChatGPT emerged following the release of OpenAI’s GPT-3.5 and GPT-4, targeting users interested in using the ChatGPT tool.

There are two active malware clusters, the study noted: a Meterpreter Trojan disguised as a “SuperGPT” app, created using the Metasploit framework, and a “ChatGPT” app that sends text messages to premium-rate numbers in Thailand, resulting in charges for the victims that are pocketed by threat actors.


Because Android users can download applications from sources other than the official Google Play store, such as websites or links in emails, there is potential for users to obtain applications that have not been vetted by Google.

Previous studies on malware disguising itself as a ChatGPT-related tool have discovered that scammers were utilizing the popularity of ChatGPT to launch assaults. Threat actors are using similarly worded domain names to trick victims into giving away personal information or downloading malware, the findings showed.

Other threats

The report also covers certificate attribution: the digital code-signing certificate used to sign the malware samples belongs to the attacker and is associated with an attacker identified as “Hax4Us.” The certificate has been used across multiple malware samples.
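The certificate reuse described above can be checked by grouping APK files on the SHA-256 digest of their signing certificate. The sketch below is an added example, not code from the report: it parses the text printed by `apksigner verify --print-certs` (Android SDK build tools) and reports certificates shared by several files; the digests, DNs and file names are constructed placeholders.

```python
import re
from collections import defaultdict

# Per-signer lines printed by `apksigner verify --print-certs <apk>`.
_DN = re.compile(r"^Signer #(\d+) certificate DN: (.+)$", re.M)
_SHA256 = re.compile(
    r"^Signer #(\d+) certificate SHA-256 digest: ([0-9a-fA-F]{64})\s*$", re.M)

def parse_print_certs(text):
    """Return [(subject_dn, sha256_hex)] for each signer in one tool output."""
    dns = {n: dn.strip() for n, dn in _DN.findall(text)}
    return [(dns.get(n, "<no DN>"), d.lower()) for n, d in _SHA256.findall(text)]

def cluster_by_certificate(outputs):
    """Map certificate SHA-256 -> {"dn": str, "samples": sorted file names}."""
    clusters = defaultdict(lambda: {"dn": None, "samples": set()})
    for sample, text in outputs.items():
        for dn, digest in parse_print_certs(text):
            clusters[digest]["dn"] = dn
            clusters[digest]["samples"].add(sample)
    return {d: {"dn": c["dn"], "samples": sorted(c["samples"])}
            for d, c in clusters.items()}

def shared_signers(clusters, min_samples=2):
    """Certificates that signed at least `min_samples` distinct files."""
    return {d: c for d, c in clusters.items() if len(c["samples"]) >= min_samples}

def without_certificate(outputs):
    """Files whose output carried no signer block (unsigned or failed to verify)."""
    return sorted(s for s, t in outputs.items() if not parse_print_certs(t))

# Constructed sample data: digests, DNs and file names are placeholders.
CERT_A, CERT_B = "ab" * 32, "cd" * 32

def _out(dn, digest):
    return (f"Signer #1 certificate DN: {dn}\n"
            f"Signer #1 certificate SHA-256 digest: {digest}\n")

SAMPLES = {
    "sample_1.apk": _out("CN=constructed-signer-a", CERT_A),
    "sample_2.apk": _out("CN=constructed-signer-a", CERT_A.upper()),
    "sample_3.apk": _out("CN=constructed-signer-b", CERT_B),
    "sample_4.apk": "DOES NOT VERIFY\n",
}

if __name__ == "__main__":
    clusters = cluster_by_certificate(SAMPLES)
    for digest, c in shared_signers(clusters).items():
        print(f"{digest[:16]}... {c['dn']} signed {c['samples']}")
    print("no certificate:", without_certificate(SAMPLES))
```

A shared certificate links files to one signer but says nothing on its own about whether that signer is malicious, so treat a cluster as a lead for further analysis.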

A cluster of malware samples masquerading as ChatGPT-themed apps was also seen sending SMS messages to premium-rate numbers in Thailand. These numbers incur charges for the victims, facilitating scams and fraudulent activities.

Mobile users should take proactive precautions against this kind of infection, such as installing reliable antivirus software, exercising caution when downloading apps from unofficial sources, and keeping their devices up to date with the most recent security patches, the company noted.

With inputs from BL Intern Shayna Cedric

Published on June 16, 2023 11:55
