
Cybersecurity firms targeted by fraudulent OpenAI organization invites

Why This Matters

This emerging threat highlights the increasing sophistication of cybercriminals leveraging legitimate platforms like OpenAI to impersonate companies and deceive employees into revealing sensitive information. It underscores the need for heightened awareness and improved security measures within organizations to prevent social engineering attacks. As AI tools become more integrated into business workflows, attackers are exploiting these platforms to craft more convincing scams, making vigilance crucial for both consumers and the tech industry.

Key Takeaways

Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects.

Push Security discovered what they dub the "Poisoned Tenant" campaign after multiple employees received invitations to join an OpenAI organization named "Push Security Inc." While the invite itself was legitimate, coming directly from OpenAI, the ChatGPT tenant had been created by an attacker using Gmail addresses rather than by the company.

The invitation emails were sent from OpenAI's legitimate notification address, [email protected], passed email authentication checks, and were identical to a normal invitation to join an organization's ChatGPT workspace.

[Image: Fake Push Security OpenAI tenant invite sent to employees. Source: Push Security]

Push Security told BleepingComputer that other customers have also received similar invitations and that all are in the cybersecurity or technology space.

Attacker-controlled OpenAI organizations

According to Push Security, the invitations targeted specific employees using their work email addresses, suggesting the attackers had researched the employees who work at the company before launching the campaign.

Although OpenAI includes a warning stating that the inviter's email domain does not match the recipient's company domain, the notice appears as a single line within the legitimate invitation email.
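The mechanism described above, a genuine invitation email whose only impersonation signals are the inviter's external (free webmail) address and an organization name that mimics the recipient's own company, lends itself to a simple mail-triage check. The following is an added example written for this page, not code from Push Security, OpenAI or BleepingComputer. It assumes a body sentence of the form "<inviter> has invited you to join <org> on ChatGPT" (the real notification template is not shown on the page), uses a fictional company and domains, and treats the free-webmail list as an assumption to be tuned per deployment.

```python
"""Triage of SaaS organization-invite emails for tenant impersonation.

Added example (not Push Security's or OpenAI's code). The invitation body
format, the company names and the domains below are constructed for
illustration; adapt INVITE_RE to the notification template you actually
receive before deploying this.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: common free-webmail domains. An inviter on one of these who
# names a tenant after your company is a strong impersonation signal.
FREE_MAIL_DOMAINS = {
    "gmail.com", "googlemail.com", "outlook.com", "hotmail.com",
    "yahoo.com", "proton.me", "protonmail.com", "icloud.com",
}

# Corporate suffixes ignored when comparing an org name with a domain label.
CORP_SUFFIXES = {"inc", "llc", "ltd", "corp", "co", "gmbh", "plc"}

# Assumed body pattern: "<inviter address> has invited you to join <org> on ChatGPT"
INVITE_RE = re.compile(
    r"(?P<inviter>[\w.+-]+@[\w.-]+\.\w+) has invited you to join (?P<org>.+?) on ChatGPT",
    re.IGNORECASE,
)


def _domain(addr: str) -> str:
    """Lower-cased domain part of an RFC 5322 address (empty if none)."""
    return parseaddr(addr)[1].rsplit("@", 1)[-1].lower()


def _normalize_org(name: str) -> str:
    """'Acme Security Inc.' -> 'acmesecurity' (letters/digits only, suffixes dropped)."""
    tokens = re.findall(r"[a-z0-9]+", name.lower())
    return "".join(t for t in tokens if t not in CORP_SUFFIXES)


def _primary_label(domain: str) -> str:
    """'acmesecurity.example' -> 'acmesecurity'. Ignores multi-part public suffixes."""
    parts = domain.split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def assess_invite(raw_email: str) -> dict:
    """Return {'suspicious', 'reasons', 'inviter', 'org'} for one invitation email."""
    msg = message_from_string(raw_email)
    match = INVITE_RE.search(msg.get_payload() or "")
    if not match:
        return {"suspicious": False, "reasons": ["no invite pattern found"],
                "inviter": None, "org": None}

    inviter = match.group("inviter").lower()
    org = match.group("org").strip().strip('"')
    recipient_domain = _domain(msg.get("To", ""))
    inviter_domain = _domain(inviter)

    reasons = []
    external = inviter_domain != recipient_domain
    if external:
        reasons.append(f"inviter domain {inviter_domain} != recipient domain {recipient_domain}")
    if inviter_domain in FREE_MAIL_DOMAINS:
        reasons.append(f"inviter uses free webmail domain {inviter_domain}")

    label = _primary_label(recipient_domain)
    norm_org = _normalize_org(org)
    mimics = bool(label) and bool(norm_org) and (label in norm_org or norm_org in label)
    if mimics:
        reasons.append(f"organization name '{org}' mimics recipient domain label '{label}'")

    # Flag only when the tenant name impersonates the recipient's own company AND
    # the inviter is external. A genuine cross-company collaboration invite trips
    # the domain-mismatch check alone and is deliberately not flagged.
    return {"suspicious": mimics and external, "reasons": reasons,
            "inviter": inviter, "org": org}


# Constructed sample invitations (fictional company, .example domains).
SAMPLE_INVITES = {
    "impersonating": (
        "From: OpenAI <noreply@openai.example>\n"
        "To: alice@acmesecurity.example\n"
        "\n"
        'attacker.42@gmail.com has invited you to join "Acme Security Inc." on ChatGPT.\n'
    ),
    "internal": (
        "From: OpenAI <noreply@openai.example>\n"
        "To: alice@acmesecurity.example\n"
        "\n"
        'it-admin@acmesecurity.example has invited you to join "Acme Security" on ChatGPT.\n'
    ),
    "partner": (
        "From: OpenAI <noreply@openai.example>\n"
        "To: alice@acmesecurity.example\n"
        "\n"
        'bob@partnercorp.example has invited you to join "Partner Corp" on ChatGPT.\n'
    ),
}


def run_samples() -> dict:
    """Assess every constructed sample; returns {name: assessment}."""
    return {name: assess_invite(text) for name, text in SAMPLE_INVITES.items()}


if __name__ == "__main__":
    for name, result in run_samples().items():
        print(name, "SUSPICIOUS" if result["suspicious"] else "ok", result["reasons"])
```

The deliberate design choice is the AND in the final verdict: a domain mismatch on its own is normal for partner workspaces, and a free-webmail inviter on its own may be a contractor, but an external inviter whose tenant is named after your own company is exactly the pattern the article describes, and that combination is what gets flagged.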

To better understand the attack's goal, Luke Jennings, VP, Research & Development at Push Security, accepted one of the invitations.
