Fake ChatGPT Desktop App Delivering PipeMagic Backdoor, Microsoft

Microsoft warns that a fake ChatGPT desktop app was used to deliver PipeMagic malware, linked to ransomware attacks exploiting a Windows zero-day.

Cybersecurity researchers at Microsoft discovered a new backdoor called PipeMagic while investigating attacks that abused a zero-day flaw in Windows CLFS (CVE-2025-29824). What makes this backdoor dangerous is how it poses as a legitimate open-source ChatGPT desktop application while delivering a framework for running ransomware operations.

PipeMagic relies on a modular design that loads different components as needed. These modules handle everything from command-and-control communication to payload execution, all while staying hidden through encrypted named pipes and in-memory operations. By separating its functions this way, the backdoor makes it far more difficult for defenders to detect or analyze.

It is worth noting that the ChatGPT Desktop project on GitHub referenced by Microsoft is not itself malicious. Because the app is open source, attackers were able to take a copy of it, add hidden code, and use that trojanized build to deliver the PipeMagic backdoor. The legitimate version remains safe, but downloading it from unofficial or compromised sites carries the risk of infection.
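The practical way to act on that caveat is to check any downloaded build against the checksums the project publishes before running it. The script below is an added example, not code from the article, from Microsoft or from the ChatGPT Desktop project: it parses a sha256sum-style manifest, hashes the downloaded file in chunks, compares in constant time, and refuses files the manifest does not list. The manifest text, file names and file contents are constructed for the demo; a real manifest comes from the project's release page, never from the same mirror as the download.

```python
"""Verify a downloaded build against a published checksum manifest before
running it. Added example; the manifest and file contents are constructed."""
import hashlib
import hmac
import tempfile
from pathlib import Path


def parse_manifest(text: str) -> dict:
    """Parse 'sha256 filename' lines (sha256sum format) into {filename: digest}."""
    digests = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2 or len(parts[0]) != 64:
            raise ValueError(f"malformed manifest line: {line!r}")
        digest, name = parts
        name = name.strip().lstrip("*")      # sha256sum marks binary mode with '*'
        digests[name] = digest.lower()
    return digests


def sha256_of(path: Path, chunk: int = 1 << 20) -> str:
    """Hash a file in chunks so large installers do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_download(path: Path, manifest: dict) -> str:
    """Return 'ok', 'mismatch' or 'unlisted' for the file at `path`."""
    expected = manifest.get(path.name)
    if expected is None:
        return "unlisted"      # a file the project never published: do not run it
    actual = sha256_of(path)
    return "ok" if hmac.compare_digest(actual, expected) else "mismatch"


def demo() -> dict:
    """Constructed scenario: a genuine build, a tampered copy with the same name
    obtained from a different folder, and a file the manifest does not list."""
    genuine = b"installer bytes from the official release (constructed)"
    tampered = genuine + b"\x90 extra code appended by an attacker (constructed)"
    with tempfile.TemporaryDirectory() as d:
        official = Path(d) / "official"
        mirror = Path(d) / "mirror"
        official.mkdir()
        mirror.mkdir()
        (official / "chatgpt-desktop-setup.exe").write_bytes(genuine)
        (mirror / "chatgpt-desktop-setup.exe").write_bytes(tampered)
        (mirror / "chatgpt-desktop-extra.exe").write_bytes(tampered)
        # In practice this text is fetched from the project's release page.
        manifest_text = (
            "# constructed SHA256SUMS\n"
            f"{hashlib.sha256(genuine).hexdigest()}  chatgpt-desktop-setup.exe\n"
        )
        manifest = parse_manifest(manifest_text)
        return {
            "official": verify_download(official / "chatgpt-desktop-setup.exe", manifest),
            "mirror": verify_download(mirror / "chatgpt-desktop-setup.exe", manifest),
            "extra": verify_download(mirror / "chatgpt-desktop-extra.exe", manifest),
        }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

A checksum only proves the file matches what the project published; if the release page itself were compromised the manifest would be too, which is why signed releases are preferable where a project offers them.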

“The first stage of the PipeMagic infection execution begins with a malicious in-memory dropper disguised as the open-source ChatGPT Desktop Application project. The threat actor uses a modified version of the GitHub project that includes malicious code to decrypt and launch an embedded payload in memory.”

Microsoft

PipeMagic Attributed to Storm-2460

Microsoft attributes PipeMagic to a financially motivated group known as Storm-2460. In recent campaigns, the group used it alongside CVE-2025-29824, a privilege escalation vulnerability, to move from initial access to ransomware deployment.

The attacks have not been limited to one industry or geography: victims have been identified among financial and real estate organizations in the United States, Europe, South America, and the Middle East.

Researchers examining PipeMagic found that it manages payloads through a set of linked lists that act like internal queues. Some lists hold modules waiting to be executed, others manage network communication, while one list remains unexplained but appears to be used dynamically by loaded payloads. This structure allows Storm-2460 to update or replace components on the fly, giving the group flexibility without having to redeploy the entire backdoor.

According to Microsoft’s long technical blog post, the communication layer of PipeMagic is equally sophisticated. Instead of connecting directly to its command server, the backdoor loads a dedicated networking module that establishes a WebSocket-style connection with its operators.

This design keeps network traffic isolated from the rest of the backdoor, limiting detection opportunities. Once a secure channel is active, PipeMagic sends detailed system information, including bot ID, domain details, process integrity, and user context, before receiving instructions on what modules to run or which data to exfiltrate.

Storm-2460 can also insert new modules, update existing ones, gather hashes, enumerate processes, and even rename the backdoor executable for self-deletion. Microsoft has released detections across its Defender products and is urging organizations to review their security posture.
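Microsoft's detections are product-specific, but the named-pipe behaviour described earlier is also something a defender can hunt for in their own telemetry. The script below is an added illustration, not code from Microsoft or from the article, of a generic triage over named-pipe creation events: it flags pipes created by a process running from outside trusted install locations, from a user-writable folder such as Downloads, or with a machine-generated-looking name, and reports only events that trip more than one signal. It assumes Sysmon-style PipeEvent records (Event ID 17, pipe created; 18, pipe connected); the records, the `Key=Value|...` export layout, the allowlist and the thresholds are all constructed for the example.

```python
"""Triage named-pipe creation events for a backdoor running from a
user-writable location. Added example; records below are constructed and the
field layout only mirrors Sysmon's PipeEvent (Event ID 17/18) fields."""
import re
from dataclasses import dataclass

# Install locations from which pipe creation is normally expected (assumed allowlist).
TRUSTED_IMAGE_PREFIXES = (
    "c:\\windows\\system32\\",
    "c:\\windows\\syswow64\\",
    "c:\\program files\\",
    "c:\\program files (x86)\\",
)
# Directory fragments typical of a freshly downloaded or staged binary.
USER_WRITABLE_HINTS = ("\\downloads\\", "\\appdata\\local\\temp\\", "\\temp\\", "\\public\\")
# A pipe name that is just a run of hex digits looks machine-generated (heuristic).
HEX_LIKE = re.compile(r"^[0-9a-f]{12,}$")


@dataclass
class PipeEvent:
    event_id: int
    image: str
    pipe_name: str
    pid: int


@dataclass
class Finding:
    event: PipeEvent
    reasons: list


def parse_event(line: str) -> PipeEvent:
    """Parse one 'Key=Value|Key=Value' record (constructed export format)."""
    fields = dict(part.split("=", 1) for part in line.strip().split("|"))
    return PipeEvent(int(fields["EventID"]), fields["Image"],
                     fields["PipeName"], int(fields["ProcessId"]))


def score_event(ev: PipeEvent) -> list:
    """Return the reasons a pipe-creation event looks suspicious (empty = benign)."""
    if ev.event_id != 17:          # score creations only, not later connections
        return []
    reasons = []
    image = ev.image.lower()
    if not image.startswith(TRUSTED_IMAGE_PREFIXES):
        reasons.append("image outside trusted install locations")
    if any(hint in image for hint in USER_WRITABLE_HINTS):
        reasons.append("image in a user-writable directory")
    if HEX_LIKE.match(ev.pipe_name.lstrip("\\").lower()):
        reasons.append("pipe name looks machine-generated")
    return reasons


def triage(lines) -> list:
    """Keep only events with at least two independent signals to limit noise."""
    findings = []
    for line in lines:
        ev = parse_event(line)
        reasons = score_event(ev)
        if len(reasons) >= 2:
            findings.append(Finding(ev, reasons))
    return findings


# Constructed sample telemetry: a system service, a vendor updater under
# Program Files, and a process launched from a Downloads folder that created a
# pipe with a random-looking name and then connected to it.
SAMPLE_EVENTS = [
    "EventID=17|Image=C:\\Windows\\System32\\svchost.exe|PipeName=\\srvsvc|ProcessId=812",
    "EventID=17|Image=C:\\Program Files\\ExampleVendor\\updater.exe|PipeName=\\vendor-updater|ProcessId=2200",
    "EventID=17|Image=C:\\Users\\alice\\Downloads\\ChatGPT-Desktop\\chatgpt.exe|PipeName=\\3f9a1c7e4b2d8a6f|ProcessId=4120",
    "EventID=18|Image=C:\\Users\\alice\\Downloads\\ChatGPT-Desktop\\chatgpt.exe|PipeName=\\3f9a1c7e4b2d8a6f|ProcessId=4120",
]

if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"pid {f.event.pid} {f.event.image}: {', '.join(f.reasons)}")
```

The two-signal threshold is a tuning choice: on a real estate of machines a single signal (say, any pipe created from a user profile) fires constantly for legitimate software, so corroborating signals are what make the alert worth an analyst's time.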

PipeMagic shows how far backdoors have evolved. By pairing a zero-day exploit with a modular backdoor, Storm-2460 built a tool that is hard to detect. The full Microsoft analysis goes deep into its internal structures and also offers mitigation guidance.


About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.