Fake ChatGPT Apps Appear, Hackers Launch Cyber Attacks Using PipeMagic Trojan!

AIbase基地

Published inAI News · 4 min read · Oct 16, 2024

150

Recently, cybersecurity firm Kaspersky released a survey report revealing how cybercriminals are exploiting a fake ChatGPT application to carry out backdoor attacks and spread malware. Notably, these attackers have shifted their targets from Asia in 2022 to Saudi Arabia in 2024, indicating that their attack strategies are continuously evolving.

Hacker Network Attack (2)

Image source note: The image is AI-generated and provided by the image licensing service Midjourney

Kaspersky's research indicates that this malicious activity involves a trojan virus known as PipeMagic. PipeMagic is a plug-in type of trojan that serves as a "gateway" for deep penetration into corporate networks. According to Kaspersky's security researcher Sergey Lozhkin, cybercriminals are continuously evolving their strategies to gain more victims and expand their influence. "As the PipeMagic trojan extends from Asia to Saudi Arabia, we anticipate an increase in attacks using this backdoor."

A unique feature of PipeMagic is its ability to generate a 16-byte random array to create named pipes, formatted as \\.\pipe\1.. It generates a thread that continuously creates this pipe, reads data, and eventually destroys it. This pipe is used to receive encoded payloads and stop signals, and PipeMagic typically operates with multiple plug-ins downloaded from command and control (C2) servers, which in this case happen to be hosted on Microsoft's Azure platform.

Technically, Kaspersky explained how this fake ChatGPT application was constructed. It uses the Rust programming language and operates in stages. At first glance, the application appears legitimate, containing many libraries common in other Rust applications. However, when executed, the screen shows a blank, with no visible interface, hiding a 105,615-byte encrypted data array, which is the malicious payload.

Once this malware is deployed, it begins searching for key Windows API functions, using a name hashing algorithm through corresponding memory offsets. It then allocates memory, loads the PipeMagic backdoor, adjusts necessary settings, and finally executes the malware.

Key points:
- 🦠 Kaspersky discovers hackers using fake ChatGPT application to spread PipeMagic trojan.
- 🌍 Attack targets shift from Asia in 2022 to Saudi Arabia in 2024, showing an upgrade in cybercriminals' strategies.
- 🔍 PipeMagic utilizes named pipes and plug-in technology for deep penetration into corporate networks for malicious attacks.

ChatGPT-4o Major Upgrade: Creative Writing Skills Comparable to Eminem More Aligned with Needs

OpenAI has launched a major upgrade to its ChatGPT Plus subscription users with the latest large language model (LLM) upgrade - the 'Creative Writing' feature of ChatGPT-4o. According to a brief statement from OpenAI on X (formerly Twitter), the upgraded model's writing capabilities are more natural and engaging, and can be tailored to user needs, enhancing the relevance and readability of the content. With this upgrade, ChatGPT-4o is considered to have reached new heights in the field of creative writing.

Spanish BBVA Bank Successfully Deploys ChatGPT Enterprise Edition, Creates 2900 GPTs in Five Months

Spanish BBVA Bank (Banco Bilbao Vizcaya Argentaria) recently announced the successful global deployment of the ChatGPT Enterprise Edition to enhance employee efficiency and innovation. In just five months, the bank has created over 2900 customized GPT applications by closely collaborating with legal, compliance, and IT security teams to ensure the safe and responsible use of AI. BBVA Bank has always been at the forefront of technological innovation.

Stronger Writing Skills! OpenAI's Major Upgrade to GPT-4o Reclaims the Title of Best AI Model

OpenAI has announced a significant upgrade to its flagship model GPT-4o, further enhancing its performance in reasoning, cross-media, and conversational abilities. This update is referred to as ChatGPT-4o (20241120) and aims to provide users with a more natural and engaging text generation experience. Prior to the upgrade, OpenAI conducted rigorous performance testing on GPT-4o in a large language model (LLM) environment known as the 'Chatbot Arena'.

OpenAI Plans to Launch In-House Browser to Challenge Google's Dominance

According to a report by The Information, OpenAI is planning to launch an in-house browser powered by an AI chatbot to directly challenge Google's search market. This move highlights OpenAI's ambitions in the search domain and is also a significant step in expanding its ecosystem. Sources indicate that OpenAI is in discussions with platforms such as Condé Nast, Redfin, Eventbrite, and Priceline for potential collaborations in travel, food, and housing.