Threat actors are exploiting ChatGPT and Claude's content-sharing features to distribute malware through fake outage pages and installation guides. The attacks leverage trusted domains to bypass security detection.
Attackers are abusing the chat-sharing functionality in both ChatGPT and Anthropic's Claude to deliver malware to unsuspecting users.
■ Attack Methods
The primary tactic involves creating fake OpenAI outage pages hosted on shared ChatGPT links. These pages direct users to download what appears to be the ChatGPT desktop application but is actually malware.
A secondary approach uses shared conversations that mimic error messages or software installation guides. These deceptive chats slip past security tools because they're hosted on legitimate, trusted domains owned by OpenAI and Anthropic.
■ Why It Works
The attacks succeed due to domain trust. Security filters and user instincts typically allow traffic from well-known services like ChatGPT and Claude. Hosting malware on these domains makes detection significantly harder for both automated systems and manual review.
Shared chat links appear legitimate on the surface, making social engineering more effective. Users encountering what looks like an official status page or error message are more likely to follow instructions without verification.
■ Implications
This represents a growing attack surface created by AI service features designed for convenience. Share links intended to facilitate collaboration and content distribution are being weaponized to distribute malware at scale.
Both OpenAI and Anthropic will need to implement stricter controls over shared content to prevent malicious use. This includes better monitoring for patterns indicative of malware distribution and faster takedown procedures.
Users should exercise caution with shared links from unfamiliar sources and verify software downloads directly from official websites rather than following links in chat conversations or status pages.
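One way to apply the monitoring advice above to web-proxy logs, as an added example that is not part of the original article: it flags an installer download from a non-allowlisted host that follows a ChatGPT or Claude share-link visit by the same user. The `/share/` URL shape, the log format, the allowlist and the 10-minute window are assumptions, and the sample log lines are constructed.

```python
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Assumed share-link shape (https://<host>/share/<id>); confirm against your own logs.
SHARE_HOSTS = {"chatgpt.com", "claude.ai"}
# Assumed local policy: hosts you accept installers from.
OFFICIAL_DOWNLOAD_HOSTS = {"openai.com", "chatgpt.com", "anthropic.com", "claude.ai"}
INSTALLER_EXTS = (".exe", ".msi", ".dmg", ".pkg", ".zip", ".ps1", ".sh")

# Constructed sample proxy log: "<ISO timestamp> <user> <url>"
SAMPLE_LOG = """\
2025-01-01T10:00:00 alice https://chatgpt.com/share/00000000-0000-0000-0000-000000000001
2025-01-01T10:02:30 alice https://files.example/ChatGPT-Setup.exe
2025-01-01T10:05:00 bob https://claude.ai/share/00000000-0000-0000-0000-000000000002
2025-01-01T11:30:00 bob https://files.example/tool.msi
2025-01-01T12:00:00 carol https://chatgpt.com/share/00000000-0000-0000-0000-000000000003
2025-01-01T12:01:00 carol https://openai.com/downloads/app.dmg
"""

def _host_in(host, allowed):
    host = (host or "").lower().rstrip(".")
    return any(host == a or host.endswith("." + a) for a in allowed)

def is_share_link(url):
    u = urlparse(url)
    return _host_in(u.hostname, SHARE_HOSTS) and u.path.startswith("/share/")

def is_untrusted_installer(url):
    u = urlparse(url)
    return u.path.lower().endswith(INSTALLER_EXTS) and not _host_in(u.hostname, OFFICIAL_DOWNLOAD_HOSTS)

def find_suspicious_downloads(lines, window=timedelta(minutes=10)):
    """Return (user, share_url, download_url) for installer fetches soon after a share-link visit."""
    events = []
    for line in lines:
        if line.strip():
            ts, user, url = line.split(None, 2)
            events.append((datetime.fromisoformat(ts), user, url.strip()))
    last_share, hits = {}, []
    for ts, user, url in sorted(events):
        if is_share_link(url):
            last_share[user] = (ts, url)  # remember the most recent share visit per user
        elif is_untrusted_installer(url) and user in last_share:
            seen, share = last_share[user]
            if ts - seen <= window:
                hits.append((user, share, url))
    return hits

if __name__ == "__main__":
    print(find_suspicious_downloads(SAMPLE_LOG.splitlines()))
```

In the sample, only alice is flagged: bob's download falls outside the window and carol's comes from an allowlisted host.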