Android Malware disguised as ChatGPT Apps targeting smartphone users: Palo Alto Networks Unit 42 Research

Palo Alto Networks, the global cybersecurity leader, has recently found a surge in Android malware that is pretending to be the popular AI Chatbot ChatGPT. The malware emerged following the release of OpenAI’s GPT-3.5 and GPT-4, targeting users interested in using the ChatGPT tool.

 

Palo Alto Networks
Android Malware disguised as ChatGPT Apps targeting smartphone users: Palo Alto Networks Unit 42 Research

 

A Meterpreter Trojan disguised as a “SuperGPT” app and a “ChatGPT” app are found to send premium-rate text messages, resulting in charges for the victims that are pocketed by threat actors. Considering that Android users can download applications from various sources other than the official Google Play store, there is potential for users to obtain applications that have not been vetted by Google.

 

Key findings include:

  •  Impersonation of ChatGPT: A new android malware has emerged, disguising itself as ChatGPT. This surge coincided with the release of OpenAI’s GPT-3.5 and GPT-4, targeting users interested in ChatGPT.
  • Meterpreter Trojan: The malware includes a Meterpreter Trojan disguised as a “SuperGPT” app. It enables remote access to infected Android devices upon successful exploitation.
  • Certificate Attribution: The digital code-signing certificate used in the malware samples is associated with an attacker identified as “Hax4Us.” The certificate has been used across multiple malware samples.
  • SMS to Premium-Rate Numbers: A cluster of malware samples, masquerading as ChatGPT-themed apps, sends SMS messages to premium-rate numbers in Thailand. These numbers incur charges for the victims, facilitating scams and fraudulent activities.

Eli

Eli has 28 years of extensive IT sales expertise in Data, voice and network security and integrating them is his masterpiece. Photography and writing is his passion. Growing up as a kid, his father taught him to use the steel bodied Pentax and Hanimex 135mm film and single-direction flash, Polaroid cameras, and before going digital, he used mini DV tape with his Canon videocam. He now shoots with his Canon EOS 30D. Photography and blogging is a powerful mixture for him.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button