
Attackers abuse shared ChatGPT and Claude chats to spread malware
Quick Answer
Attackers are leveraging shared chat links from ChatGPT and Claude to distribute malware, exploiting the trust associated with these platforms.
Quick Take
Attackers are leveraging shared chat links from ChatGPT and Claude to distribute malware, exploiting the trust associated with these platforms. Security firm Push Security reports that these malicious chats often impersonate official notices or guides, making users susceptible to downloading infected applications.
Key Points
- Malicious shared chats mimic official outage notices or installation guides.
- Attackers use ChatGPT's code-rendering to create fake error pages in chats.
- Claude chats pose as Apple support guides with harmful Terminal commands.
- Push Security identifies this attack method as 'LLMShare'.
- Similar campaigns have been documented by BleepingComputer and Kaspersky.
📖 Reader Mode
~1 min readAttackers are exploiting shared chat links in ChatGPT and Claude to push malware. Both platforms let users share conversations publicly via URL. Victims stumble onto these chats through paid search ads. Because the links sit on trusted domains, security tools don't flag them, and users are more likely to trust what they see.
| Indicator | Type |
|---|---|
| hxxps://claude[.]ai/share/8e6401b5-4849-46c4-a3cb-29e1c3c49131 | URL |
| hxxps://chatgpt[.]com/s/cb_6a0f1e6bbec88191aa7fede27163f08d | URL |
| openew[.]app | domain |
| de8c50e8ccd240ef9d10ec26c26eeb37a4d1cad7c1e0edf3bb6e5689ec2dde78 | SHA256 |
Security firm Push Security says attackers craft shared chats that mimic official outage notices or install guides. One newer twist uses ChatGPT's code-rendering feature to build a full fake error page right inside a shared chat, then pushes users to download an infected desktop app. On Claude, shared chats pose as Apple support walkthroughs laced with malicious Terminal commands.

Push Security calls the attack technique "LLMShare." BleepingComputer and Kaspersky have both documented similar campaigns.
— Originally published at the-decoder.com
Want this in your inbox every morning?
Daily brief at your local 8am — bilingual EN/中文, free.
More from The Decoder
See more →
An AI model programmed nonstop for 19 days on a single MirrorCode task that cost $2,600 to run
Epoch AI's MirrorCode benchmark reveals Claude Opus 4.7 as the leader with a 56% solve rate, reconstructing a 16,000-line toolkit in 14 hours. Despite this, all models tested struggle with the most complex tasks, highlighting limitations in current AI capabilities. The single task consumed $2,600 over 19 days, raising questions about cost-effectiveness in AI development.

