Fake ChatGPT download site infects Windows and Mac users with malware
ID: c741f94e-8c01-5d7d-8b71-8031476cd8cc
STIX ID: report--c741f94e-8c01-5d7d-8b71-8031476cd8cc
Feed Name: Security Boulevard
A fake ChatGPT download site (openew.app) is distributing two separate payloads: a Windows credential-stealing loader (Chat_GPT.exe) built from commodity components, and a macOS Atomic Stealer (AMOS) that harvests passwords, cookies, and crypto wallets and can replace legitimate Ledger/Trezor apps to facilitate theft. The report includes technical analysis, IOCs (SHA-256 hashes, domains, IPs), and recommended remediation steps.
