Cybercriminal distributes fake ChatGPT apps online to push malware


Cybersecurity advocates have warned that the battle with cybercriminals is just beginning. While everyone buckles their seatbelts and prepares for the massive attacks of AI-programmed malware, cybercriminals are moving ahead and programming more subtle ways to spread malware. Their latest invention is programming and distributing fake ChatGPT applications online.

Most people are unaware that ChatGPT can only be accessed online, as Open AI, the producer, has not yet programmed a ChatGPT app for Android and PC. Cybercriminals are taking advantage of the popularity of the voice processing engine and the recent $20/month ChatGPT plus subscription fee to produce fake apps and website links, garnished with promises of free ChatGPT plus service for the masses. These apps and websites have been confirmed to be appearing in the Google Play store, third party Android app stores and on social platforms such as Facebook.

Security researcher Dominic Alvieri was one of the first to spot this clever move by cyber criminals. He published a similar but dubious domain name like "" and a fake ChatGPT app on the Play Store. Clicking on the site will infect the user with the Redline information-stealing malware under the guise of downloading a ChatGPT Windows desktop client.
There are many sites that copy .ai and cause such harm to the user:

  • capable of distributing malware that steals clipboard contents
  • capable of delivering the Lumma stealer
  • capable of installing unknown malware family

Furthermore, Cyble discovered a credit card stealing page at “pay.chatgptftw .com” that offers visitors a fake portal to purchase ChatGPT plus. They revealed over 50 similar but malicious ChatGPT apps and websites.
Victims of this malware are at grave risk of losing control of their computer system and mobile while their money and sensitive information will not be spared.

ChatGPT is exclusively an online based tool, available only at “chat.openai .com, and does not offer any mobile or desktop app for any operating systems at the moment.