FAKE CHATGPT OUTAGE PAGES PUSH MALWARE THROUGH REAL OPENAI LINKS

Cybercriminals are now abusing ChatGPT’s built-in sharing tools to spread malware through legitimate OpenAI links, creating a dangerous new phishing campaign that is becoming harder for users to detect.

Security researchers at Push Security discovered a campaign known as “LLMShare,” where attackers purchase Google advertisements targeting users searching for ChatGPT. Instead of redirecting victims to suspicious domains immediately, the ads send users to a real shared ChatGPT page hosted on the official OpenAI domain.

Once users land on the page, they are shown a fake outage notification claiming ChatGPT is temporarily unavailable because of high traffic. The message urges visitors to download a desktop version of ChatGPT in order to continue using the service.

The fake alert appears highly convincing because it is rendered directly through ChatGPT’s own content-sharing feature. Attackers reportedly used custom HTML and CSS prompts to create a realistic outage page that loads from a legitimate chatgpt.com URL, making the scam significantly more believable than traditional phishing websites.

Victims who click the download button are redirected to a malicious website impersonating OpenAI’s desktop application portal. Researchers say the site uses cloaking techniques to avoid detection by cybersecurity scanners and researchers: normal users are served malware downloads, while security tools may instead be shown harmless content that hides the operation.

Both Windows and macOS versions of the fake installer were observed distributing malicious payloads. Researchers believe the malware could include information-stealing trojans designed to harvest passwords, browser data, cryptocurrency wallets, and authentication tokens from infected devices.

Security analysts also found that the malware checks whether it is running on a real computer or inside a virtual machine, an environment researchers often use for analysis. This tactic helps attackers avoid detection and prolong the lifespan of their campaigns.

The abuse of AI platform sharing tools is becoming increasingly common. Researchers previously observed similar attacks targeting users through shared conversations on ChatGPT, Claude, and Grok. In many cases, victims were tricked into running malicious commands disguised as software installation steps or troubleshooting instructions.

The growing popularity of generative AI platforms is creating new opportunities for cybercriminals to weaponize trusted domains and bypass traditional phishing defenses. Because these attacks originate from legitimate AI services, users may incorrectly assume the links are safe.

Cybersecurity experts recommend avoiding software downloads from shared AI conversations or advertisements. Users should only install desktop applications directly from official vendor websites and carefully verify URLs before entering credentials or downloading files. Enabling endpoint protection and keeping systems updated can also reduce the risk of compromise.
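A detection sketch for the delivery chain described above, added here as an example and not taken from Push Security's research: it flags installer downloads from unverified hosts that occur shortly after a client arrives at an unverified site from chatgpt.com. The log field names, the allowlist, the 120-second window and the sample records are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Assumption: download hosts your organisation has verified; adjust to your own list.
VERIFIED_SUFFIXES = ("openai.com", "chatgpt.com")
LURE_HOSTS = ("chatgpt.com",)              # trusted domain that renders the fake outage page
INSTALLER_EXTS = (".exe", ".msi", ".dmg", ".pkg")
WINDOW = timedelta(seconds=120)            # assumed time between landing and download

def host_matches(host, suffixes):
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in suffixes)

def find_suspect_downloads(records):
    """Return (client, landing_host, download_host) for each suspicious installer fetch."""
    landing = {}   # client -> (time, unverified host reached with a chatgpt.com referer)
    hits = []
    for r in sorted(records, key=lambda r: datetime.fromisoformat(r["ts"])):
        ts = datetime.fromisoformat(r["ts"])
        if host_matches(r["host"], VERIFIED_SUFFIXES):
            continue
        # Cross-origin referers usually carry only the origin, so match on host.
        ref_host = urlsplit(r.get("referer") or "").hostname
        if host_matches(ref_host, LURE_HOSTS):
            landing[r["client"]] = (ts, r["host"])
        # Ignore query strings when testing the file extension.
        if not urlsplit(r["path"]).path.lower().endswith(INSTALLER_EXTS):
            continue
        seen = landing.get(r["client"])
        if seen and ts - seen[0] <= WINDOW:
            hits.append((r["client"], seen[1], r["host"]))
    return hits

# Constructed proxy-log records (not real indicators).
SAMPLE = [
    {"ts": "2025-01-01T10:00:00", "client": "10.0.0.5", "host": "chatgpt.com",
     "path": "/share/CONSTRUCTED-ID", "referer": "https://www.google.com/"},
    {"ts": "2025-01-01T10:00:20", "client": "10.0.0.5", "host": "desktop-portal.example",
     "path": "/", "referer": "https://chatgpt.com/"},
    {"ts": "2025-01-01T10:00:31", "client": "10.0.0.5", "host": "cdn.desktop-portal.example",
     "path": "/ChatGPT-Setup.exe?x=1", "referer": "https://desktop-portal.example/"},
    {"ts": "2025-01-01T10:05:00", "client": "10.0.0.9", "host": "tools.example",
     "path": "/editor.dmg", "referer": ""},
]

if __name__ == "__main__":
    for hit in find_suspect_downloads(SAMPLE):
        print(hit)
```

Because the download is served by the impersonating site rather than by chatgpt.com, the check correlates the landing and the download per client instead of relying on the download request's own referer.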
