Beware of Fake ChatGPT Apps on the Google Play Store
The ChatGPT app is yet to be released for Android users. And if you come across any app that claims to be ChatGPT, you should refrain from using it, as those apps could be dangerous malware designed to steal your personal information. A recent report has shown a growing problem with malware on Android phones. Malware is harmful software that can damage or steal data from your phone. In this case, the malware masquerades as a popular AI chatbot called ChatGPT, which many people use.
Researchers from Palo Alto Networks Unit 42 discovered this malware. They found that it started appearing around when OpenAI released GPT-3.5 and GPT-4. These malware variants specifically target people interested in using the ChatGPT tool.
There are two types of active malware that the researchers identified. One is called a Meterpreter Trojan and disguised as a " SuperGPT " application. The other malware pretends to be the real ChatGPT app but secretly sends messages to expensive phone numbers in Thailand.
The researchers also found a malicious sample of the Android Package Kit (APK), a type of file used to install applications on Android devices. This malicious APK was a modified version of an original app. The legitimate application is an AI assistant based on the latest version of ChatGPT. If someone falls for the trick and installs this malicious version, it allows the attacker to take control of the person's Android phone remotely.
In addition, the researchers discovered another group of malware samples in APK format. These samples appear innocent on the surface, displaying a web page with information about ChatGPT. However, as revealed in the report, they hide a malicious purpose below the surface.
These malware samples are even more deceptive because they use the logo of OpenAI, the organization behind ChatGPT, as their app icon. This adds to the misleading story that these apps are associated with the legitimate ChatGPT AI tool.
These malicious APK samples can send SMS messages to expensive premium rate numbers in Thailand. Premium rate numbers cost more than regular phone numbers and are generally used for services where users pay for information or some service. However, in this case, malware writers are using these numbers to make money through scams and fraudulent activities.