
Researchers at Push Security have identified a new campaign by threat actors that delivers infostealer malware through legitimate domains, tagged "LLMShare."
"LLMShare" abuses the share feature of popular LLM chatbots such as ChatGPT. The attackers render a custom HTML layout directly on the legitimate domain that displays a fake system maintenance message such as "we're experiencing high traffic right now" to simulate a crash, then prompt you to download their desktop app.
The threat actors use sponsored Google search ads targeting search terms like "ChatGPT," "ChatGPT desktop app," or "ChatGPT download" to drive victims toward this trap. When a user clicks one of these malicious search ads, they go to a legitimate URL that looks exactly like a normal chatgpt.com/s/[unique-id] share link. Because the domain belongs to OpenAI, web filter rules and firewall blocks do not trigger.
When you click the download button on this fake page, the site takes you to an external domain named openew[.]app, which impersonates the OpenAI desktop application download page and distributes payloads targeting both Windows and macOS users.
The landing site also detects automated analysis sandboxes and hides its true nature from them by serving a harmless mock-up of the site. When BleepingComputer tested the Windows version on Any.Run, the executable ran various commands to check whether it was running on a physical desktop or in a virtual-machine sandbox, including looking for registry keys associated with security software. On macOS, the same trap drops Odyssey Stealer to steal sensitive data.
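As an added example (not from the article, Push Security or BleepingComputer), here is a small Python check a defender could run over web proxy logs to surface the pattern described above: an installer fetched from a non-OpenAI host with a chatgpt.com/s/ share link as the referrer. The log field order, the share-id pattern and the allowlist of expected hosts are assumptions, and the log lines are constructed.

```python
import re
from urllib.parse import urlparse

# Constructed sample proxy log lines (not from the article).
# Field order: client_ip method url referrer status ("-" = no referrer)
SAMPLE_LOG = """\
10.0.0.5 GET https://chatgpt.com/s/t_68c0example - 200
10.0.0.5 GET https://openew.app/download/OpenAI-Setup.exe https://chatgpt.com/s/t_68c0example 200
10.0.0.7 GET https://chatgpt.com/s/t_abcd1234 - 200
10.0.0.7 GET https://chatgpt.com/c/new https://chatgpt.com/s/t_abcd1234 200
10.0.0.9 GET https://example.org/report.pdf https://chatgpt.com/s/t_99 200
"""

# A ChatGPT share link looks like chatgpt.com/s/<id>; the id character set is an assumption.
SHARE_PATH = re.compile(r"^/s/[A-Za-z0-9_-]+$")
# Hosts a genuine ChatGPT page is expected to fetch files from (assumed allowlist).
EXPECTED_HOSTS = {"chatgpt.com", "openai.com"}
# Installer-type extensions covering the Windows and macOS payloads the article describes.
INSTALLER_EXT = (".exe", ".msi", ".dmg", ".pkg", ".zip")


def is_share_link(url: str) -> bool:
    """True if url is a chatgpt.com/s/<id> share link."""
    p = urlparse(url)
    return p.hostname == "chatgpt.com" and bool(SHARE_PATH.match(p.path))


def is_external_host(url: str) -> bool:
    """True if the host is neither an expected host nor one of its subdomains."""
    host = urlparse(url).hostname or ""
    return not any(host == h or host.endswith("." + h) for h in EXPECTED_HOSTS)


def find_share_link_downloads(log_text: str) -> list[dict]:
    """Flag installer downloads from a non-OpenAI host whose referrer is a share link."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # malformed line: skip rather than crash
        ip, _method, url, referrer, _status = parts
        if referrer == "-" or not is_share_link(referrer):
            continue
        if is_external_host(url) and urlparse(url).path.lower().endswith(INSTALLER_EXT):
            hits.append({"client": ip, "download": url, "share_link": referrer})
    return hits


if __name__ == "__main__":
    for hit in find_share_link_downloads(SAMPLE_LOG):
        print(hit)
```

Only the openew.app installer fetch is flagged; the PDF from example.org and the in-domain navigation are not.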
Every day, hackers are finding new and creative ways to exploit LLMs and the chatbots that developers built on top of them to distribute malicious software. Recently, a threat actor named GreyVibe targeted Ukrainian infrastructure. Thanks to AI, the group is able to punch above its weight, fill technical gaps, write code obfuscation scripts, and generate highly realistic social engineering lures.
GreyVibe relied on attack methods like PhantomMail to send polished phishing emails mimicking Ukrainian government agencies, PhantomClick to deploy fake CAPTCHA prompts that run malicious PowerShell commands, and PrincessClub to host fake adult portals containing Android spyware.