Security News > 2023 > December > ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware’s Prevalence

Cybersecurity company ESET released its H2 2023 threat report, and we're highlighting three particularly interesting topics in it: the abuse of the ChatGPT name by cybercriminals, the rise of the Lumma Stealer malware and the Android SpinOk SDK spyware.

In the second half of 2023, ESET has blocked 650,000 attempts to access malicious domains whose names include "Chatgpt" or similar string in an apparent reference to the ChatGPT chatbot.

One of the frauds resides in the OpenAI API for ChatGPT. The API needs a private API key that must be carefully protected and never exposed by users, yet some apps ask users to provide their API keys so the applications can use ChatGPT. As written by ESET researchers, "If the app sends your key to the developer's server, there may be little to no guarantee that your key will not be leaked or misused, even if the call to the OpenAI API is also made."

The Lumma Stealer malware shares a common code base with the infamous Mars, Arkei, and Vidar information stealers and is very likely to be developed by the same author, according to cybersecurity company Sekoia.

Various distribution vectors are used for spreading Lumma Stealer; ESET observed these methods in the wild: cracked installations of software, YouTube, fake browser update campaigns, content delivery network of Discord and installation via third-party malware loader Win/TrojanDownloader.

A mobile marketing software development kit identified as the SpinOk spyware by ESET climbed to being the seventh most detected Android threat for H2 2023 and the most prevalent type of spyware for the period.

News URL

https://www.techrepublic.com/article/eset-threat-report-h2-2023/