Threat actors are exploiting ChatGPT's content-sharing feature to create fake outage pages that mislead users into downloading malware disguised as the ChatGPT desktop application. This "LLMShare" campaign uses Google ads to direct users to a malicious page hosted on a legitimate OpenAI domain, ultimately leading to malware installation on victims' devices.
Threat actors are exploiting ChatGPT's content-sharing feature to host fake outage pages that deliver malware, using legitimate OpenAI domains to bypass traditional security measures. This highlights the need for enhanced monitoring of AI platform sharing features and a thorough verification process for downloads, even when originating from seemingly legitimate sources. Prioritizing security awareness training on these attack vectors can help reduce susceptibility to such sophisticated social engineering tactics.