
On 29/05/26, Push Security unveiled a ChatGPT malware campaign. Following a rather worrying trend we’ve been seeing lately, the attackers abused the legitimate content-sharing feature, which immediately makes the lure seem trustworthy whilst also bypassing traditional security protocols. Since these kinds of attacks are becoming more and more intricate, we’ll break down how the attack works, as well as how to look out for anything similar in the future.
Dubbed the ‘LLMShare’ campaign, this attack uses Google Ads to lure users to a malicious fake page that is hosted on the official chatgpt.com domain. When a user clicks on it, they will see this:

As expected, the page then steers the user into pressing the download button, which sends them to another website. Worryingly, this new website uses cloaking to disguise itself from anyone other than targeted victims. When security researchers such as URLScan visited the webpage, they saw an AR/VR company website, not a fake ChatGPT download portal.
Finally, if the user chooses to download ‘ChatGPT’ through the portal, they unknowingly download the malware, as in other campaigns of this kind.
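The chain described above (ad click, page on chatgpt.com, hop to a second site, installer download) can be hunted for in web proxy logs. This is an added example, not code from Push Security or the original post; the log layout, hostnames and file names are constructed, and it assumes ad clicks arrive carrying a Google Ads click-ID parameter such as `gclid`.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

# Constructed proxy log lines (not real traffic): time, client, URL, referrer, content type.
SAMPLE_LOG = """\
2026-05-29T10:00:05 10.0.0.7 https://chatgpt.com/share/example-id?gclid=abc123 https://www.google.com/ text/html
2026-05-29T10:00:40 10.0.0.7 https://download.example.net/get https://chatgpt.com/ text/html
2026-05-29T10:01:10 10.0.0.7 https://download.example.net/ChatGPT-Setup.exe https://download.example.net/get application/x-msdownload
2026-05-29T10:02:00 10.0.0.9 https://chatgpt.com/share/other-id - text/html
2026-05-29T10:03:00 10.0.0.9 https://vendor.example.org/tool.msi https://vendor.example.org/ application/x-msi
"""

AD_PARAMS = {"gclid", "gbraid", "wbraid"}   # Google Ads click identifiers (assumed present)
BINARY_TYPES = {"application/x-msdownload", "application/x-msi", "application/octet-stream"}
BINARY_EXTS = (".exe", ".msi", ".dmg", ".pkg", ".zip")
WINDOW = timedelta(minutes=10)              # hypothetical correlation window

def host(url):
    return (urlsplit(url).hostname or "").lower()

def find_chains(log_text):
    """Return (client, landing_host, download_url) for each ad -> chatgpt.com -> download chain."""
    state = {}   # client -> {"ad": time of ad-driven visit, "hop": (time, host left to)}
    hits = []
    for line in log_text.splitlines():
        ts, client, url, ref, ctype = line.split()
        t = datetime.fromisoformat(ts)
        s = state.setdefault(client, {})
        h = host(url)
        if h == "chatgpt.com" and AD_PARAMS & parse_qs(urlsplit(url).query).keys():
            s["ad"] = t                       # step 1: paid ad click lands on chatgpt.com
        elif (host(ref) == "chatgpt.com" and h != "chatgpt.com"
              and "ad" in s and t - s["ad"] <= WINDOW):
            s["hop"] = (t, h)                 # step 2: user is sent on to a second site
        is_binary = ctype in BINARY_TYPES or urlsplit(url).path.lower().endswith(BINARY_EXTS)
        if is_binary and "hop" in s and h == s["hop"][1] and t - s["hop"][0] <= WINDOW:
            hits.append((client, h, url))     # step 3: that site serves an installer
    return hits

if __name__ == "__main__":
    for hit in find_chains(SAMPLE_LOG):
        print("possible ad -> shared page -> download chain:", hit)
```

Because the second site cloaks itself from scanners, the correlation relies only on what the victim's own traffic shows, not on re-fetching the page.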
While this kind of campaign certainly isn’t unique at a surface level, there are still some concerning parts to it. Firstly, abusing content-sharing on legitimate domains to push malware is becoming more frequent with AI tools and LLMs, and we need to remain vigilant for it. Secondly, similar campaigns have exploited Google Ads for a long time now to display their scams at the top of users’ search results and create an illusion of trust.
Since this kind of attack will likely advance and become more frequent in the future, here’s a short list of steps you can take to make sure you don’t get caught in campaigns like this!


Overall, you should have very little risk of something like this happening to you if you follow the three steps above.
We hope you’ve liked this blog. Stay tuned for more blogs like this. Stay safe!

