A new wave of cyberattacks is targeting unsuspecting users with what looks like a legitimate “ChatGPT desktop app,” but in reality it’s a sophisticated piece of malware. Microsoft has identified the threat as PipeMagic, a modular backdoor whose operators also exploited a then-unpatched elevation-of-privilege flaw in the Windows Common Log File System (CLFS) driver, tracked as CVE-2025-29824, to escalate from an ordinary user account to SYSTEM.
Once installed, PipeMagic can do much more than steal files — it enables surveillance, credential theft, and in some cases, ransomware deployment.
How the Malware Masquerade Works
The malicious campaign begins with attackers modifying an open-source ChatGPT project on GitHub, slipping in hidden code that activates immediately after launch. Victims think they’re opening an AI chatbot, but the program silently loads PipeMagic instead.
The malware’s design is modular, meaning it can load different components depending on the attacker’s goals. Its components talk to each other over Windows named pipes (hence the name), and payloads are decrypted and executed in memory rather than written to disk, which leaves little for traditional file-scanning antivirus to catch.
In recent attacks targeting organizations in Saudi Arabia and Brazil, the attackers used a Microsoft Help Index file (.mshi) as the loader. The file carries obfuscated C# code that decrypts and runs embedded shellcode, which in turn loads the backdoor, effectively opening the door for the malware to take control.
Who’s Behind It? A Familiar Name in Ransomware
Microsoft attributes the campaign to Storm-2460, a cybercrime group previously linked to RansomEXX ransomware attacks. This is not a newcomer; the group has been active across finance, real estate, and IT industries, with victims reported in the U.S., Europe, South America, and the Middle East.
Their pivot to using AI branding as bait is significant — it plays on the public’s growing trust in generative AI tools, making the disguise more convincing.
Techniques Borrowed from Legitimate Tools
Security researchers from Kaspersky and BI.ZONE have traced PipeMagic’s inner workings. The CLFS bug is not a persistence mechanism: it is an elevation-of-privilege flaw in a kernel driver, and the attackers exploit it after the backdoor is running to gain SYSTEM privileges. Some modules rely on DLL hijacking or Microsoft Help files to deploy payloads quietly.
Even more troubling, the attackers repurpose legitimate tools for malicious ends. They have been caught running Sysinternals ProcDump, renamed to dllhost.exe so it looks like a standard Windows binary, to dump the memory of the LSASS process and pull login credentials out of it. This blending of legitimate and malicious activity makes detection even harder.
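The renamed-ProcDump trick above is also what gives it away: the name on disk changes, but the OriginalFileName compiled into the binary's version information does not, and the LSASS target still appears on the command line. The following is an added example, not code from Microsoft, Kaspersky or BI.ZONE, of a hunt over process-creation events in a Sysmon Event ID 1 shape. The events, paths and command lines are constructed for the example, and the script assumes ProcDump's version information reports an OriginalFileName beginning with "procdump".

```python
import ntpath

# Constructed sample events in a Sysmon Event ID 1 (process creation) shape.
# Field names mirror Sysmon; every value here is made up for this example.
SAMPLE_EVENTS = [
    # Benign COM surrogate: on-disk name and version-info name agree, no dumping.
    {"Image": r"C:\Windows\System32\dllhost.exe",
     "OriginalFileName": "dllhost.exe",
     "CommandLine": r"C:\Windows\System32\dllhost.exe /Processid:{00000000-0000-0000-0000-000000000000}",
     "ParentImage": r"C:\Windows\System32\svchost.exe"},
    # The pattern from the text: ProcDump renamed to dllhost.exe, dumping LSASS.
    {"Image": r"C:\Users\Public\dllhost.exe",
     "OriginalFileName": "procdump",
     "CommandLine": r"dllhost.exe -accepteula -ma lsass.exe C:\Users\Public\lsass.dmp",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    # ProcDump used under its own name against some other process.
    {"Image": r"C:\Tools\procdump.exe",
     "OriginalFileName": "procdump",
     "CommandLine": r"procdump.exe -accepteula -ma 4120 C:\Tools\app.dmp",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
]


def _stem(name: str) -> str:
    """Lower-cased file name without directory or extension: 'C:\\x\\Foo.EXE' -> 'foo'."""
    base = ntpath.basename(name or "")
    return ntpath.splitext(base)[0].lower()


def analyze_event(ev: dict) -> list:
    """Return the reasons this process-creation event is suspicious (empty if clean)."""
    reasons = []
    image = _stem(ev.get("Image", ""))
    original = _stem(ev.get("OriginalFileName", ""))
    cmdline = (ev.get("CommandLine") or "").lower()

    # 1. The on-disk name disagrees with the name baked into the PE version info.
    #    Renaming procdump.exe to dllhost.exe does not change OriginalFileName.
    if original and image != original:
        reasons.append(f"renamed binary: on disk '{image}', version info says '{original}'")

    # 2. The binary is ProcDump regardless of what it is called on disk
    #    (assumption: ProcDump's OriginalFileName starts with 'procdump').
    is_procdump = original.startswith("procdump") or image.startswith("procdump")
    if is_procdump:
        reasons.append("ProcDump execution")

    # 3. A full memory dump (-ma) of LSASS is credential theft until proven otherwise.
    if "lsass" in cmdline and (is_procdump or "-ma" in cmdline.split()):
        reasons.append("LSASS memory dump on the command line")
    return reasons


def hunt(events: list) -> list:
    """Score each event; return (severity, image, reasons) for every hit, in input order."""
    hits = []
    for ev in events:
        reasons = analyze_event(ev)
        if not reasons:
            continue
        lsass = any("LSASS" in r for r in reasons)
        renamed = any(r.startswith("renamed") for r in reasons)
        # Renamed dumper hitting LSASS is the Storm-2460 pattern; plain ProcDump is only worth a look.
        severity = "critical" if lsass and renamed else "high" if lsass else "medium"
        hits.append((severity, ev.get("Image", ""), reasons))
    return hits


if __name__ == "__main__":
    for severity, image, reasons in hunt(SAMPLE_EVENTS):
        print(f"[{severity}] {image}")
        for r in reasons:
            print(f"    - {r}")
```

Run against the constructed events, the genuine dllhost.exe produces no finding, the renamed ProcDump dumping LSASS is rated critical on all three rules, and ProcDump run under its own name against another process is only flagged for review. The same three checks translate directly into a SIEM or Sigma rule over real Sysmon telemetry; the name-mismatch rule in particular catches renamed tools the page does not mention.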
How Users Can Stay Protected
Microsoft has flagged the malware under the name Backdoor:Win32/PipeMagic!MSR, but defense still relies heavily on user caution and timely patching. Here are the key steps:
- Only download ChatGPT tools from trusted sources — avoid third-party “desktop apps” floating around GitHub or forums.
- Update Windows immediately. The April 2025 security update fixes CVE-2025-29824 and closes the privilege-escalation step, but it does not stop a trojanized app from running, so the other steps still apply.
- Run a full scan if you’ve already installed a questionable ChatGPT app, and treat any passwords used on that machine as compromised until they have been changed.
Why This Matters
The rise of PipeMagic underscores how cybercriminals exploit popular technology brands to gain trust. AI tools like ChatGPT have become household names, which makes them perfect camouflage for malware distribution.
The bottom line: convenience can be costly. If you want ChatGPT on your desktop, stick to the official sources — anything else could be opening the door to ransomware.