{
  "iim_version": "1.1",
  "chain_id": "malwarebytes.2026.fake-chatgpt-dual-platform-stealers",
  "title": "Fake ChatGPT download site delivering Windows credential-stealing loader and macOS Odyssey Stealer",
  "description": "IIM chain for Malwarebytes Labs research published on 2026-05-28. The campaign impersonates OpenAI's ChatGPT download page at openew.app and serves platform-specific malware: Windows users receive Chat_GPT.exe, an Inno Setup/Electron-based loader that launches EApp.exe and communicates with 188.137.246.189 via a laravel.php endpoint; macOS users receive ChatGpt.dmg containing Odyssey Stealer, an AMOS fork that steals browser data, Telegram sessions, cryptocurrency-wallet data, and attempts wallet-app replacement. Malwarebytes publishes one landing domain, two sample hashes, and three network indicators. Where the article does not map 192.253.248.181 or 172.94.9.250 to a specific macOS server role, relations are explicitly marked tentative rather than inferred as confirmed.",
  "actor_id": "unknown",
  "observed_at": "2026-05-28T00:00:00Z",
  "confidence": "confirmed",
  "needs_review": false,
  "import_source": "manual-osint-report-to-iim-conversion",
  "entities": [
    {
      "id": "e001",
      "type": "url",
      "value": "search ads / SEO / YouTube / Discord / Telegram traffic for AI desktop-app downloads",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes states that people searching for ChatGPT download, clicking ads, or following unfamiliar results may have reached the fake site.",
        "The article later lists search ads, SEO poisoning, YouTube spam, and links shared in AI-focused Discord and Telegram communities as plausible traffic sources.",
        "No exact ad, social account, or referrer URL is published, so this entity models the confirmed traffic-source class only."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_exact_url_published": false,
      "x_traffic_source_class": "search_social_ai_brand_lure"
    },
    {
      "id": "e002",
      "type": "domain",
      "value": "openew.app",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes identifies openew[.]app as a convincing fake website impersonating OpenAI’s ChatGPT download page.",
        "The domain uses a dark theme, OpenAI-style branding, familiar marketing copy, and separate download buttons for macOS and Windows.",
        "Malwarebytes lists openew[.]app in the network indicators section."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_defanged": "openew[.]app",
      "x_impersonated_brand": "OpenAI ChatGPT",
      "x_tld": ".app"
    },
    {
      "id": "e003",
      "type": "file",
      "value": "Chat_GPT.exe",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes states clicking the Windows button delivers Chat_GPT.exe.",
        "The file is described as using Inno Setup and an Electron application skeleton.",
        "Published SHA-256: c9e0e6985dca3a179c9bdea4e7b38f7dc57fe00ecedc2fd634256fc53bf2de2d."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_sha256": "c9e0e6985dca3a179c9bdea4e7b38f7dc57fe00ecedc2fd634256fc53bf2de2d",
      "x_platform": "Windows"
    },
    {
      "id": "e004",
      "type": "hash",
      "value": "c9e0e6985dca3a179c9bdea4e7b38f7dc57fe00ecedc2fd634256fc53bf2de2d",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes IOC: SHA-256 for Chat_GPT.exe."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_hash_algorithm": "SHA-256",
      "x_file_name": "Chat_GPT.exe"
    },
    {
      "id": "e005",
      "type": "file",
      "value": "EApp.exe launched from %APPDATA%\\LeronApplication",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes says the Windows installer creates files under %APPDATA%\\LeronApplication and launches EApp.exe.",
        "It spawns PowerShell with -ExecutionPolicy Unrestricted -Command -, causing commands to be read from standard input.",
        "This is modeled as the Windows payload execution component created by the installer."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_platform": "Windows",
      "x_path": "%APPDATA%\\LeronApplication",
      "x_launcher": "PowerShell stdin command mode"
    },
    {
      "id": "e006",
      "type": "url",
      "value": "http://188.137.246.189/laravel.php?api=api&hash=<redacted>&message=<redacted>",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes states behavioral telemetry recorded HTTP traffic to 188.137.246.189 using a /laravel.php?api=api&hash=...&message=... endpoint.",
        "The full hash/message values are not published, so query values are represented as redacted placeholders.",
        "This is the confirmed Windows back-channel endpoint in the public article."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_endpoint_path": "/laravel.php?api=api&hash=...&message=...",
      "x_exact_query_values_published": false,
      "x_platform": "Windows"
    },
    {
      "id": "e007",
      "type": "ip",
      "value": "188.137.246.189",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes observed Windows HTTP traffic to 188[.]137[.]246[.]189.",
        "Malwarebytes lists 188[.]137[.]246[.]189 in the network indicators section."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_defanged": "188[.]137[.]246[.]189",
      "x_platform": "Windows",
      "x_ioc_role": "Windows back-channel server"
    },
    {
      "id": "e008",
      "type": "file",
      "value": "ChatGpt.dmg",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes states clicking the macOS button downloads a disk image containing ChatGpt.dmg.",
        "The macOS payload is Odyssey Stealer, a fork of Atomic Stealer / AMOS.",
        "Published SHA-256: c0919e1999eaee67e67aeda0287722775afb04e9a9a0f727928b4d11265fb70b."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_sha256": "c0919e1999eaee67e67aeda0287722775afb04e9a9a0f727928b4d11265fb70b",
      "x_platform": "macOS",
      "x_container_type": "DMG"
    },
    {
      "id": "e009",
      "type": "hash",
      "value": "c0919e1999eaee67e67aeda0287722775afb04e9a9a0f727928b4d11265fb70b",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes IOC: SHA-256 for ChatGpt.dmg."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_hash_algorithm": "SHA-256",
      "x_file_name": "ChatGpt.dmg"
    },
    {
      "id": "e010",
      "type": "file",
      "value": "Odyssey Stealer / AMOS fork macOS payload",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes identifies the macOS payload as Odyssey Stealer, a fork of Atomic Stealer / AMOS.",
        "The stealer captures login password, copies macOS keychain, harvests browser cookies and saved logins, extracts Telegram session data, and scans cryptocurrency wallet directories.",
        "The collected data is compressed into a temporary archive and sent to a hardcoded server."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_platform": "macOS",
      "x_malware_family": "Odyssey Stealer / AMOS fork"
    },
    {
      "id": "e011",
      "type": "file",
      "value": "trojanized Ledger/Trezor wallet replacement apps",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes says the macOS payload downloads trojanized versions of Ledger Live, Ledger Wallet, and Trezor Suite from a second server.",
        "It attempts to delete legitimate wallet apps and replace them with attacker-controlled versions.",
        "The exact download URL/server mapping is not published, so this is modeled as payload/staging content with cautious network associations."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_platform": "macOS",
      "x_wallet_apps": [
        "Ledger Live",
        "Ledger Wallet",
        "Trezor Suite"
      ],
      "x_exact_download_url_published": false
    },
    {
      "id": "e012",
      "type": "ip",
      "value": "192.253.248.181",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes lists 192[.]253[.]248[.]181 as a network indicator.",
        "The article does not explicitly map this IP to the hardcoded exfil server or the second wallet-replacement server.",
        "It is therefore retained as a macOS-associated network IOC with tentative relation confidence."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_defanged": "192[.]253[.]248[.]181",
      "x_platform": "macOS",
      "x_ioc_mapping": "not explicitly mapped in article"
    },
    {
      "id": "e013",
      "type": "ip",
      "value": "172.94.9.250",
      "observed_at": "2026-05-28T00:00:00Z",
      "source": "Malwarebytes Labs: Fake ChatGPT download site infects Windows and Mac users with malware (published 2026-05-28)",
      "evidence": [
        "Malwarebytes lists 172[.]94[.]9[.]250 as a network indicator.",
        "The article does not explicitly map this IP to the hardcoded exfil server or the second wallet-replacement server.",
        "It is therefore retained as a macOS-associated network IOC with tentative relation confidence."
      ],
      "x_reference_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
      "x_defanged": "172[.]94[.]9[.]250",
      "x_platform": "macOS",
      "x_ioc_mapping": "not explicitly mapped in article"
    }
  ],
  "chain": [
    {
      "entity_id": "e001",
      "role": "entry",
      "techniques": [],
      "role_confidence": "likely",
      "technique_confidence": "confirmed",
      "needs_review": false,
      "review_notes": "Traffic-source class is described but exact traffic source URLs/ads are not published."
    },
    {
      "entity_id": "e002",
      "role": "entry",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false,
      "review_notes": "Confirmed fake landing domain; no newly-registered/disposable-domain technique assigned because the article does not publish registration age."
    },
    {
      "entity_id": "e003",
      "role": "payload",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false,
      "review_notes": "Windows installer delivered by the fake landing page; no archive/container IIM technique assigned."
    },
    {
      "entity_id": "e004",
      "role": "payload",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false
    },
    {
      "entity_id": "e005",
      "role": "payload",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false
    },
    {
      "entity_id": "e006",
      "role": "c2",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false,
      "review_notes": "Confirmed Windows back-channel endpoint; request parameters are not over-modeled as infrastructure gating."
    },
    {
      "entity_id": "e007",
      "role": "c2",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false
    },
    {
      "entity_id": "e008",
      "role": "payload",
      "techniques": [
        "IIM-T024"
      ],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false,
      "review_notes": "macOS disk image delivered by the fake landing page."
    },
    {
      "entity_id": "e009",
      "role": "payload",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false
    },
    {
      "entity_id": "e010",
      "role": "payload",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false
    },
    {
      "entity_id": "e011",
      "role": "staging",
      "techniques": [],
      "role_confidence": "confirmed",
      "technique_confidence": "confirmed",
      "needs_review": false
    },
    {
      "entity_id": "e012",
      "role": "c2",
      "techniques": [],
      "role_confidence": "tentative",
      "technique_confidence": "confirmed",
      "needs_review": true,
      "review_notes": "Published network IOC but exact role is not mapped in article."
    },
    {
      "entity_id": "e013",
      "role": "c2",
      "techniques": [],
      "role_confidence": "tentative",
      "technique_confidence": "confirmed",
      "needs_review": true,
      "review_notes": "Published network IOC but exact role is not mapped in article."
    }
  ],
  "relations": [
    {
      "from": "e001",
      "to": "e002",
      "type": "redirect",
      "sequence_order": 1,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "likely",
      "x_evidence": [
        "Malwarebytes frames search results, ads, YouTube/social/community links around ChatGPT download as the likely victim-routing layer to the fake site; no exact ad/referrer URL is published."
      ]
    },
    {
      "from": "e002",
      "to": "e003",
      "type": "download",
      "sequence_order": 2,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "confirmed",
      "x_evidence": [
        "Clicking the Windows download button on openew.app delivers Chat_GPT.exe."
      ]
    },
    {
      "from": "e003",
      "to": "e004",
      "type": "references",
      "sequence_order": 3,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "confirmed",
      "x_evidence": [
        "Malwarebytes publishes the SHA-256 hash for Chat_GPT.exe."
      ]
    },
    {
      "from": "e003",
      "to": "e005",
      "type": "drops",
      "sequence_order": 4,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "confirmed",
      "x_evidence": [
        "When run, the Windows installer creates files under %APPDATA%\\LeronApplication and launches EApp.exe."
      ]
    },
    {
      "from": "e005",
      "to": "e006",
      "type": "connect",
      "sequence_order": 5,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "confirmed",
      "x_evidence": [
        "Behavioral telemetry recorded HTTP traffic to 188.137.246.189 using /laravel.php?api=api&hash=...&message=...."
      ]
    },
    {
      "from": "e006",
      "to": "e007",
      "type": "references",
      "sequence_order": 6,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "confirmed",
      "x_evidence": [
        "The C2 endpoint URL uses 188.137.246.189 as its host."
      ]
    },
    {
      "from": "e002",
      "to": "e008",
      "type": "download",
      "sequence_order": 7,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "confirmed",
      "x_evidence": [
        "Clicking the macOS button on openew.app downloads ChatGpt.dmg."
      ]
    },
    {
      "from": "e008",
      "to": "e009",
      "type": "references",
      "sequence_order": 8,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "confirmed",
      "x_evidence": [
        "Malwarebytes publishes the SHA-256 hash for ChatGpt.dmg."
      ]
    },
    {
      "from": "e008",
      "to": "e010",
      "type": "execute",
      "sequence_order": 9,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "confirmed",
      "x_evidence": [
        "The macOS disk image delivers Odyssey Stealer / AMOS-fork payload behavior described by Malwarebytes."
      ]
    },
    {
      "from": "e010",
      "to": "e011",
      "type": "download",
      "sequence_order": 10,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "likely",
      "x_evidence": [
        "Malwarebytes states the macOS payload downloads trojanized Ledger/Trezor wallet apps from a second server; exact server mapping is not published."
      ]
    },
    {
      "from": "e010",
      "to": "e012",
      "type": "communicates-with",
      "sequence_order": 11,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "tentative",
      "x_evidence": [
        "192.253.248.181 is a published Malwarebytes network IOC, but the article does not explicitly map it to exfiltration or wallet replacement."
      ]
    },
    {
      "from": "e010",
      "to": "e013",
      "type": "communicates-with",
      "sequence_order": 12,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "tentative",
      "x_evidence": [
        "172.94.9.250 is a published Malwarebytes network IOC, but the article does not explicitly map it to exfiltration or wallet replacement."
      ]
    },
    {
      "from": "e011",
      "to": "e012",
      "type": "download",
      "sequence_order": 13,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "tentative",
      "x_evidence": [
        "Trojanized wallet replacements are downloaded from a second server; this IP is a published network IOC but exact mapping is not public."
      ]
    },
    {
      "from": "e011",
      "to": "e013",
      "type": "download",
      "sequence_order": 14,
      "observed_at": "2026-05-28T00:00:00Z",
      "confidence": "tentative",
      "x_evidence": [
        "Trojanized wallet replacements are downloaded from a second server; this IP is a published network IOC but exact mapping is not public."
      ]
    }
  ],
  "attack_annotations": [
    {
      "technique_id": "T1189",
      "name": "Drive-by Compromise",
      "tactic": "Initial Access",
      "comment": "Users searching for ChatGPT download can land on the fake page."
    },
    {
      "technique_id": "T1204.002",
      "name": "User Execution: Malicious File",
      "tactic": "Execution",
      "comment": "Victims execute Chat_GPT.exe on Windows or mount/open ChatGpt.dmg on macOS."
    },
    {
      "technique_id": "T1059.001",
      "name": "Command and Scripting Interpreter: PowerShell",
      "tactic": "Execution",
      "comment": "Windows installer spawns PowerShell with commands read from standard input."
    },
    {
      "technique_id": "T1555",
      "name": "Credentials from Password Stores",
      "tactic": "Credential Access",
      "comment": "Odyssey/AMOS branch harvests browser and keychain data."
    },
    {
      "technique_id": "T1041",
      "name": "Exfiltration Over C2 Channel",
      "tactic": "Exfiltration",
      "comment": "Collected macOS data is compressed and sent to a hardcoded server."
    }
  ],
  "x_source_title": "Fake ChatGPT download site infects Windows and Mac users with malware",
  "x_source_url": "https://www.malwarebytes.com/blog/threat-intel/2026/05/fake-chatgpt-download-site-infects-windows-and-mac-users-with-malware",
  "x_published_at": "2026-05-28",
  "x_modeling_notes": [
    "openew.app is the confirmed landing domain and is modeled as the entry/landing infrastructure.",
    "The Windows relation to 188.137.246.189 is confirmed because Malwarebytes states telemetry observed HTTP traffic to that IP and endpoint path.",
    "The two additional network indicators, 192.253.248.181 and 172.94.9.250, are published by Malwarebytes but not mapped in text to exact exfil vs wallet-replacement roles; their relations are marked tentative.",
    "No OpenAI-owned domains are modeled as malicious infrastructure; the fake site is explicitly distinct from legitimate OpenAI distribution channels.",
    "IIM-T021 is intentionally not assigned to the Windows laravel.php endpoint because the public article does not prove request-fingerprint gating semantics."
  ]
}