A recent report by Push Security has revealed that cybercriminals are utilizing legitimate ChatGPT domains to deliver malware via phishing attacks. The attackers exploit ChatGPT's code-rendering capabilities to create fake download pages masquerading as official services. These fake pages, often reached through malicious Google ads and SEO manipulation, prompt users to download what they believe is a legitimate app but actually directs them to a phishing site that installs malware.
The report also highlights a broader trend where similar tactics are being employed against both ChatGPT and Claude users, indicating a coordinated approach among attackers.