LLMShare: ChatGPT & Claude Chats Spread Malware

Attackers are now using shared chat links from ChatGPT and Claude to spread malware. Here's the thing: Both platforms allow users to publicly share conversations through a URL. Victims encounter these malicious chats through paid search advertisements. What's interesting is that because these links reside on trusted domains, security tools often don't flag them. This makes users more likely to trust the content they see. Security firm Push Security states attackers craft these shared chats to look like official outage notices or installation guides. One tactic uses ChatGPT's code-rendering feature to create a fake error page within a shared chat, prompting users to download an infected desktop application. On Claude, shared chats mimic Apple support walkthroughs that contain malicious Terminal commands. Push Security refers to this attack method as "LLMShare." This is important because it highlights a new way cybercriminals are leveraging popular AI tools to trick unsuspecting users.