EXECUTIVE SUMMARY
The campaign is being run by a financially motivated criminal outfit that uses a clone of the official ChatGPT download page to distribute malware. It targets both Windows and macOS users, with victims observed across North America, Europe and Asia. The operation delivers a credential-stealing loader for Windows and a cryptocurrency-focused stealer for macOS, aiming to harvest passwords, browser sessions and crypto wallet data before exfiltrating the information for resale or direct theft. By exploiting the hype around AI tools, the actors increase click-through rates and monetize a wide user base.
The infection begins when a user follows a search result or advertisement and downloads the "ChatGPT" installer from the counterfeit site. On Windows, the executable drops a generic installer package that spawns a script interpreter to pull additional modules from a remote server, establishing a back‐channel for command‐and‐control. On macOS, the DMG contains the Odyssey stealer, which extracts keychains, browser cookies, Telegram sessions and cryptocurrency wallet files, then attempts to replace legitimate wallet applications with trojanized copies. Persistence is achieved through autorun entries and scheduled tasks, while exfiltration occurs over encrypted HTTP.
This threat matters because it blends a familiar social‐engineering lure with a dual‐platform payload that can bypass many traditional defenses. The macOS component specifically targets high‐value crypto assets, and the replacement of wallet software makes recovery difficult once the trojanized binaries are installed. Organizations should enforce strict download policies, educate users to verify official URLs, and deploy endpoint protection that monitors unusual installer behavior. Network monitoring for outbound connections to unknown domains, regular backups, and rapid patching of browsers and scripting engines further reduce the risk of credential or asset loss.
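The two behaviours the summary singles out for endpoint and network monitoring, a freshly downloaded installer spawning a script interpreter (T1059.001 on Windows, T1059.002 on macOS) and that process tree then talking to a domain nobody approved (T1071.001), can be expressed as a small parent/child and network correlation rule. The code below is an added illustration, not part of the Malwarebytes report or any vendor product; the event format, the installer-path heuristics, the domain allowlist and every sample event (including the `.invalid` hostnames) are constructed assumptions for the example.

```python
"""Correlate installer-spawned script interpreters with their outbound traffic.

Added example, not from the report. ProcessEvent/NetworkEvent are an assumed
telemetry shape; the sample data at the bottom is constructed.
"""
from dataclasses import dataclass

# Interpreters the report describes the fake installer launching, per platform.
SCRIPT_INTERPRETERS = {
    "windows": {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                "cscript.exe", "mshta.exe"},
    "macos": {"osascript", "bash", "sh", "zsh"},
}
TECHNIQUE_FOR_PLATFORM = {"windows": "T1059.001", "macos": "T1059.002"}

# Assumed locations of a just-downloaded installer or a mounted DMG.
INSTALLER_PATH_HINTS = ("/downloads/", "/volumes/", "/temp/")


@dataclass
class ProcessEvent:
    platform: str   # "windows" or "macos"
    pid: int
    ppid: int
    image: str      # full path of the executable


@dataclass
class NetworkEvent:
    pid: int
    dest_host: str
    dest_port: int


def _norm(path: str) -> str:
    return path.replace("\\", "/").lower()


def basename(path: str) -> str:
    return _norm(path).rsplit("/", 1)[-1]


def looks_like_installer(image: str) -> bool:
    """True when the binary runs from a download or DMG mount location."""
    p = _norm(image)
    return any(hint in p for hint in INSTALLER_PATH_HINTS)


def detect(process_events, network_events, allowlist):
    """Return alerts for installer->interpreter spawns and their C2-like traffic."""
    by_pid = {e.pid: e for e in process_events}
    suspicious = set()   # pids of flagged installers and interpreters
    alerts = []

    for e in process_events:
        parent = by_pid.get(e.ppid)
        if parent is None:
            continue
        if (basename(e.image) in SCRIPT_INTERPRETERS.get(e.platform, set())
                and looks_like_installer(parent.image)):
            suspicious.update({e.pid, parent.pid})
            alerts.append({"technique": TECHNIQUE_FOR_PLATFORM[e.platform],
                           "pid": e.pid, "parent": parent.image,
                           "child": e.image})

    def in_suspicious_tree(pid: int) -> bool:
        # Walk up the parent chain; descendants of a flagged process count too.
        seen = set()
        while pid in by_pid and pid not in seen:
            if pid in suspicious:
                return True
            seen.add(pid)
            pid = by_pid[pid].ppid
        return False

    for n in network_events:
        if in_suspicious_tree(n.pid) and n.dest_host.lower() not in allowlist:
            alerts.append({"technique": "T1071.001", "pid": n.pid,
                           "dest": f"{n.dest_host}:{n.dest_port}"})
    return alerts


# Constructed sample telemetry: one Windows chain, one macOS chain, one benign
# PowerShell launched from Explorer that must not fire.
SAMPLE_PROCESSES = [
    ProcessEvent("windows", 100, 1, r"C:\Windows\explorer.exe"),
    ProcessEvent("windows", 200, 100, r"C:\Users\alice\Downloads\ChatGPT_Setup.exe"),
    ProcessEvent("windows", 300, 200,
                 r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
    ProcessEvent("windows", 400, 100,
                 r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
    ProcessEvent("macos", 500, 1, "/Volumes/ChatGPT/ChatGPT.app/Contents/MacOS/ChatGPT"),
    ProcessEvent("macos", 600, 500, "/usr/bin/osascript"),
]
SAMPLE_NETWORK = [
    NetworkEvent(300, "updates.example-c2.invalid", 443),   # constructed
    NetworkEvent(400, "api.openai.com", 443),               # benign, allowlisted
    NetworkEvent(600, "example-c2.invalid", 80),            # constructed
]
ALLOWLIST = {"api.openai.com", "chatgpt.com"}


def run_sample():
    return detect(SAMPLE_PROCESSES, SAMPLE_NETWORK, ALLOWLIST)


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The rule deliberately alerts on network traffic only from a process tree that already tripped the spawn check, rather than on every unknown domain, which keeps the T1071.001 signal tied to the installer behaviour the report describes instead of drowning it in ordinary browsing.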
THREAT PROFILE:
| Tactic | Technique ID | Technique | Sub-technique |
|---|---|---|---|
| Resource Development | T1583.001 | Acquire Infrastructure | Domains |
| Initial Access | T1189 | Drive-by Compromise | — |
| Execution | T1059.001 | Command and Scripting Interpreter | PowerShell |
| Execution | T1059.002 | Command and Scripting Interpreter | AppleScript |
| Persistence | T1543.003 | Create or Modify System Process | Windows Service |
| Defense Evasion | T1070.004 | Indicator Removal | File Deletion |
| Credential Access | T1555.003 | Credentials from Password Stores | Credentials from Web Browsers |
| Discovery | T1083 | File and Directory Discovery | — |
| Command and Control | T1071.001 | Application Layer Protocol | Web Protocols |
| Exfiltration | T1041 | Exfiltration Over C2 Channel | — |
REFERENCES:
The following reports contain further technical details:
https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware