Search This Blog

Wednesday, July 12, 2023

Palo Alto Networks Unit 42 Research Discovers Android Malware Masquerading as ChatGPT Apps, Targeting Smartphone Users

Palo Alto Networks, the global cybersecurity leader, has recently found a surge in Android malware that is pretending to be the popular AI Chatbot ChatGPT. The malware emerged following the release of OpenAI's GPT-3.5 and GPT-4, targeting users interested in using the ChatGPT tool.


A Meterpreter Trojan disguised as a "SuperGPT" app and a "ChatGPT" app are found to send premium-rate text messages, resulting in charges for the victims that are pocketed by threat actors. Considering that Android users can download applications from various sources other than the official Google Play store, there is potential for users to obtain applications that have not been vetted by Google.

 

Key findings include:

 

      Impersonation of ChatGPT: A new android malware has emerged, disguising itself as ChatGPT. This surge coincided with the release of OpenAI's GPT-3.5 and GPT-4, targeting users interested in ChatGPT.

      Meterpreter Trojan: The malware includes a Meterpreter Trojan disguised as a "SuperGPT" app. It enables remote access to infected Android devices upon successful exploitation.

      Certificate Attribution: The digital code-signing certificate used in the malware samples is associated with an attacker identified as "Hax4Us." The certificate has been used across multiple malware samples.

      SMS to Premium-Rate Numbers: A cluster of malware samples, masquerading as ChatGPT-themed apps, sends SMS messages to premium-rate numbers in Thailand. These numbers incur charges for the victims, facilitating scams and fraudulent activities. 

No comments:

Post a Comment

AirAsia Philippines Closes 2024 with Record-Breaking Growth and Service Milestones

AirAsia Philippines is set to close 2024 on a high note, marking a year of significant growth and achievements that have shaped the airline’...