Skip to main content
Kaino.dev
Discover
Evals
News
Academics
Insights
Kaino.dev

Discover, evaluate, and compare AI tools, models, and agents.

Explore

  • Discover
  • Evaluations
  • News
  • Academics
  • Insights

Community

  • Twitter
  • YouTube
  • Instagram
Privacy PolicyTerms of Service

© 2026 Kaino.dev. All rights reserved.

Version 1.1.0
Attackers use shared ChatGPT and Claude pages as malware lures · News · Kaino
Attackers use shared ChatGPT and Claude pages as malware lures
Kaino
May 30May 30, 2026, 12:00 AM6 views

Attackers use shared ChatGPT and Claude pages as malware lures

Push Security says attackers are abusing shared-chat features in ChatGPT and Claude to host convincing malware lures on trusted AI domains. Reports from The Decoder, BleepingComputer and Kaspersky describe related tactics including fake outage notices, install prompts and ClickFix-style instructions.

llmsattackersabusesharedchatgptAI in practiceArtificial IntelligenceCybersecuritySecurityAI securityChatGPTClaudemalwarecybersecuritymalvertisingLLMs

Attackers are abusing shared-chat features in ChatGPT and Claude to deliver malware lures from trusted AI service domains, according to Push Security.

Trusted links are being used as bait

Push Security reported a campaign it calls “LLMShare,” in which attackers publish malicious-looking-but-legitimate shared conversations on chatgpt.com and claude.ai. Because the pages are hosted on domains users recognize and security tools often trust, the links can appear less suspicious than a newly registered phishing site.

The Decoder reported the same core finding: attackers are exploiting chat-sharing features in ChatGPT and Claude, with shared conversations that mimic error messages or installation guides. The outlet said the tactic can help the pages slip past some security controls because the content is served from trusted domains.

Shared-chat features are designed for collaboration and easy distribution of AI-generated conversations. In this campaign, Push Security said that convenience is being turned into a malware-delivery mechanism: attackers create a shared page that instructs victims to follow steps leading to a download or other compromise.

Search ads and fake support pages amplify the scheme

Push Security said the campaign also uses search malvertising, meaning ads in search results can direct users to the malicious lure pages. This matters because victims may arrive at the shared conversation after searching for help with an AI tool, a software error or a download.

BleepingComputer corroborated Push Security’s findings and reported that ChatGPT share links have been abused to host fake outage pages. According to BleepingComputer, those pages redirected victims to malware disguised as a ChatGPT desktop app.

That tactic fits a broader pattern in which attackers combine trusted infrastructure with urgent prompts. A fake outage notice or a simulated troubleshooting guide can pressure users to install a supposed fix, especially when the page appears under a familiar domain rather than an unknown website.

ClickFix-style instructions are part of the risk

Kaspersky has also covered related abuse in an article about shared ChatGPT chats, ClickFix-style tactics, macOS and the AMOS infostealer. ClickFix attacks typically rely on persuading users to run commands or follow manual steps under the pretense of resolving an error.

The common thread across the reports from Push Security, BleepingComputer, The Decoder and Kaspersky is not that ChatGPT or Claude are themselves malware. Rather, attackers are taking advantage of legitimate sharing and hosting features to make malicious instructions look credible.

What users and defenders should watch for

The main warning sign is not only the domain in the address bar. A page hosted on chatgpt.com or claude.ai can still contain user-generated content that should be treated with caution. Shared AI chats should not be assumed safe simply because they are hosted by a major AI provider.

Users should be skeptical of shared conversations that claim a service is down, instruct them to install a desktop app, ask them to paste commands into a terminal, or provide unusual “fix” steps for a login or browser problem. BleepingComputer’s reporting specifically noted malware disguised as a ChatGPT desktop app, while Kaspersky’s coverage points to the risks of ClickFix-style instructions.

For organizations, Push Security’s report suggests a defensive blind spot: security controls that heavily rely on domain reputation may miss malicious content hosted on otherwise trusted platforms. Defenders may need to inspect page context, user behavior and download destinations, not only the initial domain.

The reports show how attackers adapt to popular AI tools without necessarily compromising those services. By placing malicious guidance inside shareable AI pages, they can borrow the trust users place in ChatGPT and Claude while steering victims toward malware outside the normal boundaries of the chatbot experience.

Key takeaways
  • 1

    Attackers are abusing shared chat features in ChatGPT and Claude to deliver malware lures from trusted AI service domains, according to Push Security.

  • 2

    Trusted links are being used as bait Push Security reported a campaign it calls “LLMShare,” in which attackers publish malicious looking but legitimate shared conversations on chatgpt.com and claude.ai.

  • 3

    Because the pages are hosted on domains users recognize and security tools often trust, the links can appear less suspicious than a newly registered phishing site.

Continue reading

Latest from Kaino News

Story pulse

Freshness

May 30

Views

6

Reading

3 min

Byline

Kainotomic Team

Utilities

Topics

llmsattackersabusesharedchatgptAI in practiceArtificial IntelligenceCybersecuritySecurityAI securityChatGPTClaudemalwarecybersecuritymalvertisingLLMs

Sources

Reference material and original reporting used in this story.

The Decoder

Published May 30, 2026, 12:00 AM

View source