Android malware disguised as ChatGPT apps are increasingly targeting smartphone users.
Android malware impersonating the popular AI Chatbot, ChatGPT, developed following the release of OpenAI’s GPT-3.5 and GPT-4, targeting people interested in using the ChatGPT tool.
There are two current malware clusters: the Meterpreter Trojan, which masquerades as a “SuperGPT” software and is built with the Metasploit framework, and the “ChatGPT” app, which sends premium-rate text messages to Thai numbers, resulting in charges for the victims that are pocketed by threat actors.
Given that Android users can download programs from sources other than the official Google Play store, such as websites or links in emails, there is a risk that users will receive applications that have not been verified by Google.
Certificate Attribution is another sort of threat in which the digital code-signing certificate used to sign the sample belongs to the attacker in the malware samples and is associated with an attacker known as “Hax4Us.” The certificate has been used in several malware packages.
