Researchers identified an ongoing BatLoader campaign relying on Google Search Ads to deliver rogue web pages for ChatGPT and Midjourney.
In early May, researchers at eSentire Threat Response Unit (TRU) spotted an ongoing BatLoader campaign using Google Search Ads to redirect victims to imposter web pages for AI-based services like ChatGPT and Midjourney.
The rogue pages are designed to promote fake apps of popular AI services.
In the campaign observed by the researchers, threat actors are using BatLoader in the form of MSIX Windows App Installer files to deliver the Redline Stealer. In February 2023, eSentire reported another BatLoader campaign targeting users searching for AI tools.
“Both AI services are extremely popular but lack first-party standalone apps (i.e., users interface with ChatGPT via their web interface while Midjourney uses Discord). This vacuum has been exploited by threat actors looking to drive AI app-seekers to imposter web pages promoting fake apps.” reads the analysis published by eSentire.
Users searching on Google for “chatbpt” were redirected to an imposter download page for ChatGPT hosted on hxxps://pcmartusa[.]com/gpt/.
Visitors are tricked into downloading a fake Windows ChatGPT app by clicking on the button on the landing page that actually redirect them to a BatLoader Payload site.
The installer is downloaded from the job-lionserver[.]site as Chat-GPT-x64.msix, which is digitally signed by ASHANA GLOBAL LTD.
The final package was created by a Russian speaker using Advanced Installer version 20.2 with a professional license.
Upon opening the package in AdvancedInstaller, the experts discovered that the application will execute both an executable (ChatGPT.exe) and a PowerShell script (Chat.ps1).
The installer fetches and executes the RedLine Stealer from a remote server.
“This Redline sample is configured to connect to IP 185.161.248[.]81 using the Bot ID “ChatGPT_Mid”, a reference to the two lures used in this campaign (ChatGPT and MidJourney).” continues the analysis.
Examining ChatGPT.exe, TRU observed that the executable uses Microsoft Edge WebView2 to load https://chat.openai.com/ in pop-up window post-installation.”
Attackers used this executable to trick the users into believing that they have installed a legitimate application. The users will display a popup window containing the real ChatGPT web page embedded in a browser window. The experts are yet to determine other functionality of this executable.
The experts also detailed a separate case, that was observed on May 2023, using a similar infection scheme to advertise a rogue page for Midjourney. In this case, the visitors were downloading Midjourney-x64.msix, which is a Windows Application Package also signed by ASHANA GLOBAL LTD.
“Generative AI technologies and chatbots have exploded in popularity in 2023. Unfortunately, as system administrators seek ways to control access to these platforms, users may seek out alternative ways to gain access.” concludes the report. “Threat actors have been keen to exploit the popularity of these tools, promising unrestrictive access. Our telemetry shows Google Search Ads abuse (explained here) peaked in popularity in Q4 2022 and early 2023. The success rate has diminished, suggesting Google has tamped down on abuse of their ad service. However, this recent campaign shows malicious ads can still slip by moderators and deliver victims malware.”
We are in the final
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini
Please nominate Security Affairs as your favorite blog.
Nominate Pierluigi Paganini and Security Affairs here here: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ChatGPT)
Share On
