Attackers Exploit ChatGPT and Claude Share Links to Spread Malware
Attackers are weaponizing a trusted feature of widely used generative AI services, making the infection vector harder for users to recognize as malicious.
Reporting from 1 sources: ASCII.jp.
ESET's May 2026 malware report details a new campaign called LLMShare that uses legitimate share links from ChatGPT and Claude to distribute malware. The report also notes an overall increase in domestic detections, with ransomware up and DOC/Fraud as the most common threat.
ESET's May 2026 malware report for Japan identifies a new attack campaign named LLMShare that exploits the share link feature of ChatGPT and Claude. Attackers create share links to conversation content or generated results, then distribute those URLs to victims. Because the links come from legitimate generative AI services, users may trust them and click through, leading to malware infection. The report also shows an overall rise in domestic malware detections compared to April, with ransomware detections increasing and DOC/Fraud-a document file containing a link to a fraudulent site-being the single most detected threat. Malware targeting Android and iOS increased, while Linux and OS X threats declined.
Synthesized by Yomimono from the 1 cited source below, including Japanese-language reporting where cited, then editorially reviewed before publishing.