Threat actors are exploiting ChatGPT's popularity through a malvertising campaign featuring a convincing fake download site promoted via sponsored search results, delivering trojanized installers to Windows and macOS users. The malware uses obfuscated JavaScript payloads within Electron applications, CAPTCHA gating, and staged command execution to establish persistence and evade sandbox detection. Developers and security professionals should monitor for suspicious Electron applications with mismatched metadata and unexpected script engine spawning, as such brand-impersonation campaigns increasingly target high-intent users downloading development tools.
Read the full article at Cyber Security News
Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.
