LLMShare: Attackers are turning AI chatbot pages into malware delivery platforms (pushsecurity.com)

A recent security report reveals that attackers are exploiting shared content features on AI chatbot platforms like ChatGPT and Claude to deliver malware, using trusted domains to bypass traditional security checks. They create seemingly benign pages that mimic installation guides but redirect users to malicious downloads, primarily targeting macOS and Windows users. By leveraging search engine malvertising and SEO poisoning, attackers can drive traffic to these deceptive pages, making it increasingly difficult for users to discern legitimate commands from malicious ones. This tactic, termed the LLMShare technique, highlights a significant security gap in AI platforms and raises concerns about their abuse in malware delivery campaigns. The new approach employs advanced social engineering, with attackers now using fully designed, convincing web pages that mimic service disruptions to lure victims into downloading malicious executables disguised as legitimate software. The persistence and adaptability of these threats illustrate the growing sophistication of phishing methods, emphasizing the urgent need for enhanced security measures in AI tools to protect users from emerging risks in a rapidly evolving digital landscape.