Kaspersky has reported that its security solutions detected more than 92,000 attacks involving malware and potentially unwanted applications disguised as popular AI tools between January and early May 2026 — with fake ChatGPT applications accounting for nearly half of all detected incidents.

AI brand impersonation at scale

Of the 92,000-plus attacks detected globally, fake ChatGPT applications represented 49 per cent of the total. Claude and Gemini impersonators each accounted for 18 per cent. Kaspersky researchers identified more than 15,000 distinct malware samples masquerading as agentic AI software, including fake versions of tools such as OpenClaw. The payload types span banking trojans, spyware, exploits, and malware downloaders capable of installing secondary payloads.

Silver Fox APT targets AI tool seekers

In May 2026, Kaspersky’s Global Research and Analysis Team (GReAT) uncovered a campaign linked to the Silver Fox advanced persistent threat group. Attackers distributed fake Claude AI applications for Windows, macOS, and Linux, targeting users seeking access to AI tools. Once executed, the malicious installers silently deployed malware enabling long-term system access and data exfiltration.

“The introduction of AI agents into enterprise environments changes the nature of trust itself. Every automated action becomes part of a wider chain of systems and data exchanges, which means security is no longer just about protecting endpoints — it is about controlling how intelligence, permissions, and decisions propagate across interconnected AI-driven processes,” said Dmitry Galov, Head of Russia and CIS units at Kaspersky GReAT.

Kaspersky recommends organisations deploy managed detection and response capabilities and ensure staff are trained to verify the authenticity of AI tools before installation. For end users, the guidance is to source AI applications exclusively from verified publishers and avoid anonymous or unverified bots. The findings were first presented at Kaspersky HORIZONS in Rome on 19 May 2026.