Fake ChatGPT apps lead malware attacks disguised as AI services— Kaspersky

• AI-generated photo

Cybercriminals are increasingly using the popularity of artificial intelligence tools to trick users into downloading malware, with fake ChatGPT applications accounting for nearly half of detected attacks disguised as AI services, according to Kaspersky.

The global cybersecurity company said its systems detected more than 92,000 attacks involving malware and potentially unwanted applications worldwide from January to early May 2026. These attacks were disguised as popular AI agents and services, including ChatGPT, Claude, and Gemini.

Fake ChatGPT applications made up 49 percent of all detected attacks, while fake Claude and Gemini services each accounted for 18 percent.

Kaspersky researchers also identified more than 15,000 malware samples posing as agentic AI software, including fake versions of fast-growing tools such as OpenClaw. The samples included banking trojans, spyware, exploits, and malware downloaders that can install additional malicious payloads on infected devices.

Kaspersky is a global cybersecurity company that provides threat intelligence, endpoint protection, and digital security solutions for businesses and individual users. The company regularly monitors cyberthreat trends worldwide, including malware campaigns, phishing attacks, ransomware activity, and emerging risks linked to new technologies such as artificial intelligence.

In May 2026, Kaspersky’s Global Research and Analysis Team also uncovered a campaign linked to the Silver Fox advanced persistent threat group. The attackers allegedly distributed fake Claude AI applications for Windows, macOS, and Linux, targeting users searching for access to AI tools.

Once opened, the malicious installers silently deployed malware on victims’ devices, allowing attackers to maintain long-term access and potentially steal sensitive information.

Dmitry Galov, Head of Russia and CIS units at Kaspersky Global Research and Analysis Team, said the rise of AI agents in workplaces has changed how organizations should think about digital trust.

“The introduction of AI agents into enterprise environments changes the nature of trust itself. Every automated action becomes part of a wider chain of systems and data exchanges, which means security is no longer just about protecting endpoints – it is about controlling how intelligence, permissions, and decisions propagate across interconnected AI-driven processes,” Galov said.

He also warned that attackers are now actively using popular AI brands to steal confidential data and money from victims.

“Users should also keep in mind that attackers are actively leveraging popular AI services as a lure to steal victims’ confidential data and funds. Taking into account the evolution of modern threat landscape, reliable security solutions are becoming an essential part of digital life,” Galov added.

Kaspersky advised organizations to strengthen their cybersecurity defenses through real-time protection, threat visibility, investigation, and response tools. It also recommended managed security services for companies without dedicated cybersecurity teams.

For individual users, Kaspersky said the safest approach is to use AI services only from reputable companies and avoid anonymous or unknown AI bots, which may be designed to harvest personal information for fraud, phishing, or blackmail.

Users were also reminded to use security tools that can block phishing websites and prevent malware installation.