HomeIntelligenceBrief
BREACH BRIEF🟠 High ThreatIntel

Fake ChatGPT Download Site Delivers Credential‑Stealing Malware to Windows and macOS Users

A counterfeit website posing as OpenAI’s ChatGPT download page serves malicious installers for Windows and macOS. The Windows payload drops a credential‑stealing loader; the macOS payload installs the Odyssey Stealer, exfiltrating passwords, browser data, and cryptocurrency wallets. Organizations must treat this as a high‑risk supply‑chain threat to third‑party endpoints.

LiveThreat™ Intelligence · 📅 May 28, 2026· 📰 malwarebytes.com
🟠
Severity
High
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
6 sector(s)
Actions
4 recommended
📰
Source
malwarebytes.com

Fake ChatGPT Download Site Delivers Credential‑Stealing Malware to Windows and macOS Users

What Happened – A counterfeit website (openew.app) masquerading as OpenAI’s official ChatGPT download page served malicious installers for Windows and macOS. The Windows payload drops a credential‑stealing loader; the macOS payload delivers the Odyssey Stealer, a fork of the Atomic Stealer family that exfiltrates passwords, browser cookies, crypto‑wallet files, and more.

Why It Matters for TPRM

  • Attackers exploit brand trust to compromise third‑party endpoints, potentially exposing corporate credentials and crypto assets.
  • The dual‑platform approach widens the attack surface across mixed‑OS environments common in many supply chains.
  • Victims may inadvertently grant attackers access to internal SaaS tools that rely on single‑sign‑on or stored credentials.

Who Is Affected – Any organization that allows employees to download third‑party AI tools outside of vetted channels – notably technology, finance, retail, government, and energy sectors.

Recommended Actions

  • Enforce strict download policies: only permit software from vendor‑approved URLs or official app stores.
  • Deploy endpoint detection that flags installers signed with generic toolchains (e.g., Inno Setup) and monitors suspicious PowerShell execution.
  • Conduct credential‑reuse audits and enforce MFA for all privileged accounts.

Technical Notes – The site uses a Google‑managed .app TLD with a valid TLS certificate, making the padlock icon appear trustworthy. The Windows installer leverages Inno Setup and an Electron skeleton, then spawns PowerShell with -ExecutionPolicy Unrestricted -Command - to execute in‑memory commands. Network traffic is directed to IP 188.137.246.189 via a /laravel.php endpoint. The macOS payload is a disk image containing a fork of the Atomic Stealer family, capable of harvesting browser data, Telegram sessions, and cryptocurrency wallet files, and can replace legitimate Ledger/Trezor apps with trojanized versions. Source: Malwarebytes Labs

📰 Original Source
https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · SOC 2 Readiness

Could you prove your access controls held up here?

Credential and access failures map directly to SOC 2 access-control criteria. The Verisq AI Trust Operations platform shows where your evidence is thin before an auditor — or an attacker — finds out.

Explore the Verisq AI Trust Operations platform →