Malware and scams forChatGPTcontinue to become more prevalent as interest in the chatbot developed by OpenAI expands.
There have been a number of instances of bad actors taking advantage of the popularity of ChatGPT since its introduction in November 2022. Many have been using false ChatGPT interfaces toscam unsuspecting mobile usersout of money or infect devices with malware. The most recent threat is a mix of both, with hackers targeting Windows and Android users through phishing pages and aiming to steal their private data, which could include credit card and other banking information, according toBleeping Computer.
Chat GPT PC Online Redline redirect.
I redirected it to closed.
/chat-gpt-pc.online@OpenAI#cybersecurity#infosecpic.twitter.com/lXY5zUyMBj
— Dominic Alvieri (@AlvieriD)August 06, 2025
Security researcher Dominic Alvieri first observed the suspicious activity ofchat-gpt-pc.online, a domain that hosted an info-stealing malware called Redline, which posed as a ChatGPT for Windows desktop download. The website, which featured ChatGPT branding, was being advertised on a Facebook page as a legitimate OpenAI link to persuade people into accessing the nefarious site.
Alvieri found there were also fake ChatGPT apps on Google Play and various other third-party Android app stores, which could send malware to devices if downloaded.
Other researchers have backed up the initial claims, having found other malware that executes different malicious campaigns.Researchers at Cyblediscoveredchatgpt-go.online, which sends out malware that “steals clipboard contents,” includingAurora stealer. Another domain calledchat-gpt-pc[.]onlinesends out malware called Lumma stealer. Yet another calledopenai-pc-pro[.]online, malware that has not yet been identified.
Cyble has also connected the domainpay.chatgptftw.comto a credit card-stealing page that poses as a payment page forChatGPT Plus.
Meanwhile, Cyble said it has uncovered over 50 dubious mobile applications posing as ChatGPT by using its branding or a name that could easily confuse users. The research team said they all have been determined fake and harmful to devices. One is an app calledchatGPT1, which is an SMS-billing fraud app that likely steals credit card information similar to what is described above. Another app isAI Photo, which hosts Spynote malware that is able to access and “steal call logs, contact lists, SMS, and files” from a device
The influx of malware and paid scammers began when OpenAIbegan throttling the speedsand access to ChatGPT due to its booming popularity. The first fake paid mobile apps hit Apple App and Google Play stores in December 202 but didn’t get media attention until nearly a month later, in mid-January. The first known major ChatGPT hack soon followed in mid-February. Bad actors used the OpenAI GPT-3 API to create adark version of ChatGPTthat is able to generate phishing emails and malware scripts. The bots work through the messaging app Telegram.
Now, it seems to be open season for fakes and alternatives since OpenAI introduced its paid ChatGPT Plus tier for $20 per month as of February 10. However, users should be wary that the chatbot remains a browser-based tool that can be accessed only at chat.openai.com. There are no mobile or desktop apps currently available for ChatGPT on any system.
