Security News > 2023 > December > ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware’s Prevalence
Cybersecurity company ESET released its H2 2023 threat report, and we're highlighting three particularly interesting topics in it: the abuse of the ChatGPT name by cybercriminals, the rise of the Lumma Stealer malware and the Android SpinOk SDK spyware.
In the second half of 2023, ESET has blocked 650,000 attempts to access malicious domains whose names include "Chatgpt" or similar string in an apparent reference to the ChatGPT chatbot.
One of the frauds resides in the OpenAI API for ChatGPT. The API needs a private API key that must be carefully protected and never exposed by users, yet some apps ask users to provide their API keys so the applications can use ChatGPT. As written by ESET researchers, "If the app sends your key to the developer's server, there may be little to no guarantee that your key will not be leaked or misused, even if the call to the OpenAI API is also made."
The Lumma Stealer malware shares a common code base with the infamous Mars, Arkei, and Vidar information stealers and is very likely to be developed by the same author, according to cybersecurity company Sekoia.
Various distribution vectors are used for spreading Lumma Stealer; ESET observed these methods in the wild: cracked installations of software, YouTube, fake browser update campaigns, content delivery network of Discord and installation via third-party malware loader Win/TrojanDownloader.
A mobile marketing software development kit identified as the SpinOk spyware by ESET climbed to being the seventh most detected Android threat for H2 2023 and the most prevalent type of spyware for the period.
News URL
https://www.techrepublic.com/article/eset-threat-report-h2-2023/
Related news
- Reminder: Infostealer malware is coming for your ChatGPT credentials (source)
- Web-based PLC malware: A new potential threat to critical infrastructure (source)
- Keyloggers, spyware, and stealers dominate SMB malware detections (source)
- PixPirate Android malware uses new tactic to hide on phones (source)
- Malware stands out as the fastest-growing threat of 2024 (source)
- Vultur banking malware for Android poses as McAfee Security app (source)
- 'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan (source)
- SoumniBot malware exploits Android bugs to evade detection (source)
- Fuxnet malware: Growing threat to industrial sensors (source)
- New Brokewell malware takes over Android devices, steals data (source)