Hackers Sending Fake ChatGPT Invites to Android Users to Spread Malware

Cybercriminals have set their sights on Android users through a well-crafted phishing scheme that disguises malicious applications as beta-testing opportunities for ChatGPT and Meta advertising tools. What appears to be a legitimate app-testing invitation turns out to be a carefully planned attempt to steal Facebook credentials and seize full control of user accounts. Discover more Security awareness training Threat intelligence feeds Hacking news updates This campaign reflects a growing pattern in which threat actors exploit the widespread trust that everyday people place in well-known AI brands to plant malware directly onto their mobile devices.

The attack begins with an invitation email that looks entirely routine.

The messages come from firebase-noreply@google.com, a legitimate address associated with Google's Firebase App Distribution platform, which developers frequently use to send pre-release app builds to specific testers. Android users should be extremely cautious when accepting unsolicited invitations to test apps, even if they seem to be from Google addresses. Only the official Google Play Store should be used to download apps.

Never enter Facebook login information into an app that wasn't downloaded via a reliable, authentic source. Organizations should make sure that their employees are well-informed about this particular and increasingly prevalent type of social engineering, and network administrators and security teams are recommended to block the detected malicious domains right away.

Set ZeroOwl as a Preferred Source in Google to Receive More Instant Updates from LinkedIn and X.