Scammers are flooding app stores with fleeceware ChatGPT apps

Hotstar in UAE
Hotstar in UAE

It comes as no surprise as the launch of ChatGPT and other AI language models has ushered in a new era of artificial intelligence, with many people and companies now using AI tools in their everyday lives. However, according to security researchers at Sophos, this public interest in AI has also captivated the attention of threat actors, who are now posting fleeceware apps disguised as ChatGPT on Google Play and Apple’s App Store, tricking users into paying costly subscription fees under the guise of free trials.

What are fleeceware apps?

Unlike traditional malware, fleeceware apps operate by tricking unsuspecting users into paying exorbitant subscription fees through deceptive practices. In the case of ChatGPT, threat actors are currently taking advantage of the lack of an official ChatGPT app on mobile and targeting people who have just heard about this technology but do not know how to access it.

For example, the Open Chat GBT app on Android is available for free. However, when a user downloads it, the app constantly bombards them with advertisements until they subscribe to the premium tier.

Although both Google and Apple have guidelines in place for developers to offer in-app purchases, these threat actors submit their apps for review without fully disclosing the subscription pricing details, thus making it challenging for users to understand the payment structure.

“I saw multiple ads for these types of apps on social media platforms where it’s cheap to advertise, and sometimes they use tactics like typos in the name—calling the app ‘Chat GBT’ or others—to screen out people who might be a bit more savvy. They’re trying to screen out people who would do the free trial and then cancel it because it’s crap. They want the people who are not focused enough to know how to unsubscribe,” said Sean Gallagher, a senior threat researcher at Sophos.

How to stay protected?

While this new wave of fleeceware ChatGPT apps has prompted Apple and Google to take action, users also need to be aware of the possible dangers of downloading an unofficial app. Since OpenAI has not yet released an official app, the only way to access ChatGPT on your mobile is by going to the official website. Moreover, users should always exercise caution when downloading any app and carefully review the subscription terms.

2023-05-19 15:09:51