ChatGPT share links abused to host fake outage pages to deliver malware

ChatGPT share links abused to host fake outage pages to deliver malware By Lawrence Abrams May 29, 2026 02:21 PM 1 Threat actors are abusing ChatGPT's content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGPT desktop application. The "LLMShare" campaign, discovered by Push Security , uses Google ads to direct users searching for ChatGPT to a malicious shared ChatGPT page hosted on chatgpt.com, allowing the attack to be delivered through a legitimate OpenAI domain. Fake sponsored ChatGPT advertisement Users who click the advertisement are taken to a legitimate ChatGPT shared page, but instead of seeing a chat conversation, they are presented with a rendered outage notice claiming the web version is unavailable and that they should download the desktop application instead. "We're experiencing high traffic right now," reads the fake outage message. "Our website is temporarily unavailable due to a large number of users. Download our desktop app to continue." Fake outage message Unlike traditional phishing pages hosted on attacker-controlled infrastructure, the fake outage notice is rendered through ChatGPT itself.  The attackers created a custom HTML page using ChatGPT's rendering capabilities and published it through a shared chatgpt.com/s/ link, allowing the fake outage notice to be displayed from a legitimate ChatGPT URL. Push Security noted that the page includes "Show code" and "Remix with ChatGPT" controls, revealing that the fake outage notice is actually generated from custom HTML and CSS rendered by a ChatGPT prompt. If the visitor clicks on the download button, they are brought to a website at openew[.]app that impersonates OpenAI's desktop application download portal.  Fake ChatGPT download site The researchers say the site uses cloaking to display content only to targeted victims. When security platforms like URLScan visited the URL, they were shown a harmless AR/VR company websi