ChatGPT is currently the most popular AI platform that many people use nowadays. Regardless if you have questions about tech, sports, games, or health, this tool will give you a desirable response for every query you throw.
However, there's an alarming part about generative AI. For the past months, Sophos noticed a surge of mobile malware known as "fleeceware" on several AI apps existing on the Google Play Store and Apple App Store.
Malware Campaigns Are Hitting ChatGPT-Like Apps
According to Lowyat, Sophos discovered that some mobile apps are tricking users into downloading them for free. Others grant them access to open ChatGPT with a free trial only to know that it's not really free.
The cybersecurity firm says that malware known as fleeceware is the culprit behind this attack. It's simply luring users to pay an absurdly high subscription fee for mobile software.
How to Identify Fleeceware Apps on Mobile
In a blog written by Sophos on Wednesday, May 17, these are the signs to watch out for if you're dealing with an app infected by a fleeceware.
- Free functionality on either Android or iOS
- A free trial is being offered, but it's part of the trick to fool people into paying a subscription charge
- It has ads to make the free version quite usable, but still, it will lead you to the subscription page
Although the word "fleeceware" sounds new, it's not already a fresh term in the malware vocabulary. It's been used for some years but not as popular as other threats like spyware and adware.
Sophos says that back in 2020, fleeceware existed in several apps, such as the barcode reader. It's also present in the Google Lens feature, according to the company.
Combatting Fleeceware
Detecting if an app has fleeceware is important before you proceed to download an app. As for Google and Apple, an improved set of guidelines to eradicate this malware is available.
The tech giants discussed that fleeceware does not act like ransomware. It does not demand money from the victim, yet it's sneaky by forcing the victims to have limited features in case they can't pay for subscription charges.
Unlike other forms of malware, it does not access your personal information from your smartphone. It has no power to control your device, either. It simply exists to annoy users into limiting an app's functionality.
There's no need to download any AI-related app on Google Play Store or Apple App Store. ChatGPT is free online, as well as Google's Bard and Microsoft's Bing AI.
As per Guy Rosen, a chief information security officer, Meta revealed in March that it discovered 10 types of malware impersonating ChatGPT.
According to Mobile World Live, Rosen and his team successfully removed and blocked over 1,000 infected links containing fleeceware. The information was related to industrial firms.