レポート 2744
ChatGPT, launched in November last year, quickly became one of the most popular tech buzzwords due to its impressive ability to generate responses that closely resemble those of a human. As with anything that gains such popularity, people always look for ways to take advantage of it. As a result, numerous fake ChatGPT apps have emerged on the App Store and Play Store, tricking users into paying for a service that is supposed to be free.
Due to its enormous popularity and fast growth, OpenAI had to limit the tool's usage and introduce a paid tier called ChatGPT Plus, priced at $20/month. This tier is designed for individuals who wish to use the chatbot without any restrictions on availability.
As a result of the introduction of the paid tier, hackers have been exploiting the tool's popularity by falsely promising uninterrupted and free access to the premium version of ChatGPT. These offers aim to trick users into installing malware or providing their account credentials.
One of the early instances of this tactic was spotted by security researcher Dominic Alvieri. A website with the domain 'chat-gpt-pc.online' was used to distribute Redline, an information-stealing malware disguised as a ChatGPT.
How do hackers exploit?
Fraudsters create a counterfeit website that claims to provide uninterrupted access to ChatGPT, along with a Facebook page to promote it. The website distributes malware by tricking users into downloading a ChatGPT Windows desktop client. Furthermore, multiple fake ChatGPT apps are circulating on Google Play and other third-party Android app stores. These apps do not provide access to the actual chatbot but instead infect devices with various forms of malware.
Currently, the only legitimate way to access ChatGPT is through the official website, which can be accessed by visiting chat.openai.com. Currently, no official API is available for ChatGPT, which means that developers cannot create apps that directly utilize the chatbot.
What to do when you spot a fake ChatGPT app
In case you come across a malicious or fake 'ChatGPT' app on the Google Play Store, you can report it by visiting the app's listing page, clicking on the three-dot icon located in the top-right corner, and selecting 'Flag as inappropriate.' You will then be prompted to choose the reason for flagging the app, with 'Copycat or impersonation' being the most appropriate option.
For the Apple App Store, you can report a malicious or fake 'ChatGPT' app by visiting its listing page, scrolling down to 'Report a problem,' selecting it, and then clicking on 'Report a scam or fraud.'