Beware Of This ChatGPT And Grok Fraud: Hackers Using A New Way To Scam Using AI Tools

Cybercriminals have found a loophole in AI tools to spread malware on computer; hackers are using Google search results. According to Huntress, hackers are using AI chats to plant harmful instructions that show up at the top of common search queries, tricking users into running dangerous commands on their own computers 

 How Hackers misuse AI 

Hackers initiate this fraud with starting a conversation with an AI assistant such as ChatGPT or Grok about a popular search topic, during the conversion with AI chatbot hacker ask ChatGPT or Grok to suggest entering a specific command in a computer’s terminal. The command is designed in a way that gives access to the victim’s computer. The cybercriminal then makes AI conversation public and pays to boost it so that it appears high in Google search results. When users search for that same topic, the harmful instruction appears helpful advice.  

Huntress explains that this trick already led to a real-world infection involving a Mac-targeting malware called AMOS. In this case, a Mac user simply searched for “clear disk space on Mac”. The user clicked a sponsored ChatGPT link in Google and followed the terminal command shown in the AI chat. Running the command permits hacker to secretly install the AMOS malware. It is important to note that harmful ChatGPT conversation stayed visible in Google search results for minimum half a day after Huntress publicly reported the issue. 

This technique is especially dangerous because it avoids the usual warning signs of online scams; the victims do not have to download anything suspicious or click on a strange link. 

 Users can simply save themselves from a major data, or financial fraud is that users should never paste a command into their computer’s terminal or browser search bar until and  unless you fully understand what command will do.