
Beware the ChatGPT imposter: Android malware pretending to be ChatGPT

New Android malware has emerged that disguises itself as ChatGPT, according to a Palo Alto Networks blog post titled ‘Android Malware Impersonates ChatGPT-Themed Applications’. The malware emerged following the release of OpenAI’s GPT-3.5 and GPT-4, targeting users interested in using the ChatGPT tool.


The malware includes a Meterpreter Trojan disguised as a “SuperGPT” app. It enables remote access to infected Android devices upon successful exploitation. The digital code-signing certificate used in the malware samples is associated with an attacker identified as “Hax4Us.” The certificate has been used across multiple malware samples. A cluster of malware samples, masquerading as ChatGPT-themed apps, sends SMS messages to premium-rate numbers in Thailand. These numbers incur charges for the victims, facilitating scams and fraudulent activities.


The two active malware clusters are a Meterpreter Trojan disguised as a “SuperGPT” app and a “ChatGPT” app that sends premium-rate text messages to numbers in Thailand, resulting in charges for the victims that are pocketed by threat actors. Because Android users can download applications from sources other than the official Google Play store, they may obtain applications that have not been vetted by Google.

The Rise in New and Evolving Threats like ChatGPT

In April, Zscaler, Inc. (NASDAQ: ZS), a cloud security company, released its 2023 ThreatLabz Phishing Report, which concluded that the emergence of new AI technology and large language models like ChatGPT has made it easier for cybercriminals to generate malicious code, carry out Business Email Compromise (BEC) attacks, and develop polymorphic malware, making it harder for victims to identify phishing.

Malicious actors are also increasingly hosting their phishing pages on the InterPlanetary File System (IPFS), a distributed peer-to-peer file system that allows users to store and share files on a decentralized network of computers. A phishing page hosted on IPFS is much more difficult to remove because of the network's peer-to-peer nature.

While the top targeted brands include Microsoft, Binance, Netflix, Facebook, and Adobe, AI tools like ChatGPT and phishing kits have significantly contributed to the growth of phishing, reducing the technical barriers to entry for criminals and saving them time and resources.

OpenAI’s ChatGPT was itself recently affected by a bug in an open-source library, causing some users to be able to view other users’ conversation history and payment details. Yiftach Shoolman, Redis’ co-founder and CTO, noted that a bug report is one way to discover the usage of open-source software.


In this era of rapid technological advancements, it is crucial for users to remain informed, exercise caution, and prioritize cybersecurity measures. Both individuals and organizations must adopt a proactive approach to safeguarding their digital presence and contribute to the ongoing battle against emerging threats. Only by staying ahead of the curve can we hope to navigate the intricate landscape of cybersecurity with confidence and resilience.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda and also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard.
