
Malware campaign abusing ChatGPT shared links detected

Threat actors are abusing ChatGPT’s shared conversation links to display fake outage notices to users and direct them to download malware disguised as the ChatGPT desktop application.

In the identified campaign, users searching for ChatGPT are redirected through Google ads to a shared page hosted on the “chatgpt.com” domain. Since the page is opened through a legitimate domain, it creates the impression of a trusted source. However, instead of displaying regular chat content, the page presents a fake notice claiming that the web version of ChatGPT is temporarily unavailable.

 


The fake notice states that the website is temporarily unavailable due to high user traffic and encourages users to download the desktop application in order to continue using the service. This approach is designed to create a sense of urgency and prompt users to click the download button.

 


Unlike traditional phishing pages hosted on attacker-controlled infrastructure, the fake notice in this campaign is displayed through ChatGPT’s own content rendering capabilities. The attackers create custom HTML and CSS content and publish it through a shared “chatgpt.com/s/” link. As a result, the user sees the fake page through a legitimate ChatGPT URL.

When the user clicks the download button, they are redirected to a separate website that impersonates OpenAI’s desktop application download portal. According to available information, this website uses “cloaking” techniques to display malicious content only to targeted users, while showing harmless content to security analysis systems. In this way, the campaign attempts both to deceive users and to evade automated security checks.


The website offers download files for Windows and macOS. Although these files are presented as the ChatGPT desktop application, they install malware on users’ devices. Analysis of the Windows version showed that it performs various checks to determine whether the device is a real user environment or a virtual analysis environment. This type of behavior is commonly used by malware to complicate security research and detection.
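A detection sketch for the chain described above, added here as an example and not taken from the original report: it flags installer downloads from non-official hosts that follow a `chatgpt.com/s/` page view by the same client within a short window. The log format, the sample lines, the `example` hosts, the five-minute window and the `OFFICIAL_HOSTS` allowlist are all assumptions to adapt to your own proxy data.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Assumption: hosts your organisation accepts as official download sources.
OFFICIAL_HOSTS = ("openai.com", "chatgpt.com")
INSTALLER_EXTENSIONS = (".exe", ".msi", ".dmg", ".pkg")

# Constructed sample proxy log: "<ISO time> <client> <url>"; all paths and
# *.example hosts are placeholders, not indicators from the campaign.
SAMPLE_LOG = """\
2026-06-01T09:00:05 10.0.0.7 https://chatgpt.com/s/EXAMPLE_SHARE_ID
2026-06-01T09:00:40 10.0.0.7 https://desktop-portal.example/download
2026-06-01T09:00:52 10.0.0.7 https://desktop-portal.example/files/ChatGPT-Setup.exe
2026-06-01T09:10:00 10.0.0.8 https://chatgpt.com/c/EXAMPLE_CHAT_ID
2026-06-01T09:10:30 10.0.0.8 https://tools.example/files/editor.dmg
2026-06-01T09:20:00 10.0.0.9 https://chatgpt.com/s/EXAMPLE_SHARE_ID
2026-06-01T09:20:20 10.0.0.9 https://chatgpt.com/EXAMPLE/ChatGPT.dmg
2026-06-01T11:00:00 10.0.0.9 https://other.example/app.msi
"""

def is_official(host):
    """True for an allowlisted host or any of its subdomains."""
    return any(host == h or host.endswith("." + h) for h in OFFICIAL_HOSTS)

def find_suspicious_downloads(log_text, window=timedelta(minutes=5)):
    """Return (client, share_url, download_url) for installer downloads from
    non-official hosts within `window` after a chatgpt.com/s/ page view."""
    last_share = {}  # client -> (time of view, shared link URL)
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        when, client, url = datetime.fromisoformat(parts[0]), parts[1], parts[2]
        target = urlsplit(url)
        host = (target.hostname or "").lower()
        if host == "chatgpt.com" and target.path.startswith("/s/"):
            last_share[client] = (when, url)
        elif target.path.lower().endswith(INSTALLER_EXTENSIONS) and not is_official(host):
            seen = last_share.get(client)
            if seen and timedelta(0) <= when - seen[0] <= window:
                findings.append((client, seen[1], url))
    return findings

if __name__ == "__main__":
    for client, share, download in find_suspicious_downloads(SAMPLE_LOG):
        print(f"{client}: {download} fetched after viewing {share}")
```

Because the download site is separate from the shared page, the correlation is by client and time rather than by referrer; a hit is a lead for triage, not proof of infection.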

This campaign demonstrates that threat actors are no longer relying solely on fake domains but are also attempting to use the sharing capabilities of legitimate artificial intelligence platforms as part of their attack chain. Therefore, users should download applications only from official sources and carefully verify advertisement-based links and download prompts displayed on artificial intelligence platforms before interacting with them.
