Batloader Campaign Impersonates ChatGPT and Midjourney to Deliver Redline Stealer

Cyber Security Threat Summary:
Researchers have discovered an active BatLoader campaign that utilizes Google Search Ads to direct users to fraudulent web pages imitating AI services such as ChatGPT and Midjourney. The campaign was detected by eSentire Threat Response Unit (TRU) in early May.

"In the campaign observed by the researchers, threat actors are using BatLoader in the form of MSIX Windows App Installer files to deliver the Redline Stealer. In February 2023, eSentire reported another BatLoader campaign targeting users searching for AI tools. 'Both AI services are extremely popular but lack first-party standalone apps (i.e., users interface with ChatGPT via their web interface while Midjourney uses Discord). This vacuum has been exploited by threat actors looking to drive AI app-seekers to imposter web pages promoting fake apps,' reads the analysis published by eSentire. Users searching on Google for 'chatbpt' were redirected to an imposter download page for ChatGPT hosted on hxxps://pcmartusa[.]com/gpt/" (SecurityAffairs, 2023).

Visitors to the site are deceived into downloading a counterfeit Windows ChatGPT application by clicking a button on the landing page, which redirects them to the BatLoader payload site. The installer file, named Chat-GPT-x64[.]msix, is served from the domain joblionserver[.]site and is digitally signed by ASHANA GLOBAL LTD. The analysts found that the final package was built with Advanced Installer version 20.2 under a professional license by a Russian-speaking individual. Upon inspecting the package in Advanced Installer, they discovered that the application runs both an executable called ChatGPT[.]exe and a PowerShell script named Chat[.]ps1. The installer retrieves and runs RedLine Stealer from a remote server. The RedLine sample is configured to connect to the IP address 185[.]161[.]81 using the bot ID ChatGPT_Mid, a reference to the two lures used in this campaign. When examining ChatGPT[.]exe, the TRU researchers observed that the executable uses Microsoft Edge WebView2 to load https://chat.openai.com in a pop-up window after installation. Attackers use this executable to convince users that they have installed a legitimate application: the pop-up window shows the authentic ChatGPT web page embedded in a browser control. The full functionality of this executable has not yet been determined by the researchers.

Security Officer Comments:
Additionally, an incident was observed this month involving a similar infection method used to promote a fraudulent webpage for Midjourney. In this case, visitors were downloading a Windows application package named Midjourned-x64.msix, which was also signed by ASHANA GLOBAL LTD. Generative AI technologies and chatbots have surged in popularity in 2023, and threat actors have taken advantage of this by promising unrestricted access to them. This recent campaign is a reminder that malicious ads can still slip past moderators and deliver malware to victims.
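A defender-side triage script for packages like the two described above (Chat-GPT-x64.msix and Midjourned-x64.msix), as an added example that is not code from eSentire, SecurityAffairs or this bulletin. It treats the MSIX as the ZIP archive it is, reads the declared executables out of AppxManifest.xml, lists bundled script files such as a .ps1, and matches the publisher string and file name against the indicators quoted in the write-up. The manifest text, the Publisher string and the in-memory sample package are constructed assumptions standing in for the real sample; the Authenticode signature in AppxSignature.p7x is not verified here, and the campaign's actual manifest may differ.

```python
"""Offline triage of an MSIX package (added example, not the campaign's own code).

An MSIX package is a ZIP archive whose root contains AppxManifest.xml. The
manifest names the executables the package launches, and any scripts it
carries are ordinary archive members, so both can be enumerated without
installing anything. The sample package below is constructed in memory to
mirror the write-up (ChatGPT.exe plus Chat.ps1, publisher ASHANA GLOBAL LTD);
the manifest body and Publisher value are assumptions, not copied from the
real sample.
"""
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespace of the root element in an AppxManifest.xml for Windows 10+ packages.
APPX_NS = "http://schemas.microsoft.com/appx/manifest/foundation/windows10"

# Script types an installer for a "chat app" has no legitimate reason to carry.
SCRIPT_SUFFIXES = (".ps1", ".bat", ".cmd", ".vbs", ".js")

# Indicators quoted in the write-up above (signer name and package file names).
KNOWN_SIGNER = "ASHANA GLOBAL LTD"
KNOWN_PACKAGE_NAMES = {"Chat-GPT-x64.msix", "Midjourned-x64.msix"}

# Constructed manifest: the shape follows the MSIX schema, the values are assumed.
SAMPLE_MANIFEST = f"""<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="{APPX_NS}">
  <Identity Name="ChatGPT" Publisher="CN=ASHANA GLOBAL LTD" Version="1.0.0.0"/>
  <Applications>
    <Application Id="App" Executable="ChatGPT.exe"
                 EntryPoint="Windows.FullTrustApplication"/>
  </Applications>
</Package>
"""


def build_sample_package() -> bytes:
    """Assemble a stand-in package in memory (constructed sample, not the real file)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("AppxManifest.xml", SAMPLE_MANIFEST)
        zf.writestr("ChatGPT.exe", b"MZ placeholder")
        zf.writestr("Chat.ps1", "# placeholder script body\n")
        zf.writestr("AppxSignature.p7x", b"")
    return buf.getvalue()


def triage_msix(package_bytes: bytes, package_name: str) -> dict:
    """Return declared executables, bundled scripts, the publisher string and alerts."""
    result = {"publisher": None, "executables": [], "scripts": [], "alerts": []}
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as zf:
        names = zf.namelist()
        if "AppxManifest.xml" in names:
            root = ET.fromstring(zf.read("AppxManifest.xml"))
            ident = root.find(f"{{{APPX_NS}}}Identity")
            if ident is not None:
                result["publisher"] = ident.get("Publisher")
            for app in root.iter(f"{{{APPX_NS}}}Application"):
                exe = app.get("Executable")
                if exe:
                    result["executables"].append(exe)
                # Full-trust entry point: the executable runs as an ordinary
                # desktop process with the user's privileges, not a sandboxed UWP app.
                if app.get("EntryPoint") == "Windows.FullTrustApplication":
                    result["alerts"].append(f"{exe} declared as a full-trust desktop app")
        result["scripts"] = [n for n in names if n.lower().endswith(SCRIPT_SUFFIXES)]

    if result["scripts"]:
        result["alerts"].append("package bundles script files: " + ", ".join(result["scripts"]))
    if result["publisher"] and KNOWN_SIGNER in result["publisher"]:
        result["alerts"].append(f"publisher matches known campaign signer {KNOWN_SIGNER}")
    if package_name in KNOWN_PACKAGE_NAMES:
        result["alerts"].append(f"file name {package_name} matches a known campaign package")
    return result


if __name__ == "__main__":
    report = triage_msix(build_sample_package(), "Chat-GPT-x64.msix")
    for key, value in report.items():
        print(f"{key}: {value}")
```

To run this against a quarantined file rather than the constructed sample, pass `open(path, "rb").read()` and the file's name to `triage_msix`. The manifest Publisher string only claims an identity; confirm the actual signer and certificate chain separately (for example with `Get-AuthenticodeSignature` in PowerShell) before treating the publisher match as anything more than a lead.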

Suggested Correction(s):
eSentire has published IOCs and recommended the following mitigations from their Threat Response Unit:

  • Raise awareness of malware masquerading as legitimate applications, and include relevant examples within your Phishing and Security Awareness Training (PSAT) program to educate your employees on how to protect themselves against similar cyber threats.
  • Remember – an effective PSAT program emphasizes building cyber resilience by increasing risk awareness, rather than trying to turn everyone into security experts.
  • Protect endpoints against malware.
  • Ensure antivirus signatures are up-to-date.
  • Use a Next-Gen AV (NGAV) or Endpoint Detection and Response (EDR) product to detect and contain threats.

IOCs:
https://www.esentire.com/blog/batloader-impersonates-midjourney-chatgpt-in-drive-by-cyberattacks

Link(s):
https://securityaffairs.com/146496/malware/batloader-campaign-impersonates-chatgpt-midjourney.html