Malicious actors have been taking advantage of the popularity of generative AI services like OpenAI’s ChatGPT and Midjourney, using deceptive Google Search ads to redirect users to fraudulent websites. This malicious campaign, known as BATLOADER, aims to deliver the RedLine Stealer malware to unsuspecting users. Recent analysis by cybersecurity firm eSentire has shed light on this concerning trend, emphasizing the need for caution when seeking AI applications online.
Exploiting the Gap in Standalone AI Apps:
eSentire’s analysis reveals that both ChatGPT and Midjourney, despite their popularity, lack first-party standalone applications. Users currently interact with ChatGPT through its web interface, while Midjourney relies on Discord. Threat actors have exploited this gap, redirecting AI app-seekers to counterfeit web pages promoting fake applications.
BATLOADER: A Drive-by Download Campaign:
BATLOADER employs a loader malware distributed through drive-by downloads. Unsuspecting users searching for specific keywords on search engines are shown deceptive ads that, when clicked, redirect them to rogue landing pages hosting malware. The installer file contains executable files (ChatGPT.exe or midjourney.exe) and PowerShell scripts (Chat.ps1 or Chat-Ready.ps1) responsible for downloading and loading the RedLine Stealer malware from a remote server.
Sneaky Execution and Redirection:
To avoid raising suspicion, the installed binary leverages Microsoft Edge WebView2 to load the legitimate ChatGPT (chat.openai.com) or Midjourney (www.midjourney.com) URLs in a pop-up window. This tactic aims to deceive users and prevent detection.
Previous Exploitations and Google’s Response:
Trend Micro previously highlighted the use of ChatGPT and Midjourney-themed lures by BATLOADER to serve malicious ads and distribute malware. However, eSentire notes that the abuse of Google Search ads has declined since early 2023, suggesting that Google has taken active measures to address and curb its exploitation.
Ongoing Vigilance and Phishing Campaigns:
Identifying Threat Actors:
In a previous investigation, eSentire traced one of the key operators of this malware campaign to an individual located in Montreal, Canada. Additionally, a Romanian national known as Jack has been identified as another threat actor associated with the group.
As the popularity of AI services continues to rise, users must be cautious of malicious actors leveraging deceptive ads to distribute malware. It is crucial to rely on trusted sources, exercise caution when clicking on ads, and employ up-to-date security measures to mitigate the risks posed by such campaigns. Ongoing collaboration between cybersecurity firms and tech giants like Google is essential to combatting these threats and ensuring a safer online environment.