Fable Security researchers have uncovered a new risk targeting ChatGPT Atlas users: cybercriminals are now using the platform as a lure to steal browser-stored passwords.
The scheme, known as the “ClickFix attack,” caught attention after data scientist Kaushik Devireddy reported a sharp spike—more than 517% growth—in its use.
The attackers rely on a simple copy-and-paste trick. They distribute bogus ChatGPT Atlas installers that secretly launch malware designed to extract saved passwords from a victim’s browser.
How the attack works
Although this threat only reached OpenAI’s ecosystem this year, ClickFix has been circulating since mid-2024, initially tied to cyber-espionage operations. In 2025, it shifted toward mainstream platforms like Google Meet and now ChatGPT Atlas, where criminals seem to be focusing their efforts.
To fool their targets, the attackers set up convincing imitation websites. These pages are crafted to mirror legitimate installers—with matching layouts, visuals, and even text.
During the investigation, analysts found a counterfeit browser installer posing as an AI tool. What alarmed them most was how closely it resembled the authentic version. The only giveaway was the address bar: the site lived under a Google Sites domain. But even that subtle clue wasn’t enough for many users, since Google’s branding created a false sense of safety.
The copy-and-paste trap
Once someone lands on the fake installer page, they’re instructed to copy a block of text and run it in a command-line tool—such as PowerShell on Windows.
This looks harmless, but it’s the core of the attack. The copied command launches a remote script that repeatedly prompts the user for their system password until the correct one is entered. With that information, the attackers can escalate privileges and take full control of the machine, harvesting sensitive data along the way.
Researchers also found that the malware can sidestep strong security tools, raising the stakes even further.
The best defence is caution. Avoid installing tools from unfamiliar browser pages, and never run command-line instructions provided by sites you don’t fully trust. A moment of scrutiny can prevent a serious breach.
