Based on current threat intelligence, I would treat openew.app as malicious and unsafe.
Several independent indicators point to it being a phishing/malware site:
- A recent security scan classified openew.app as a phishing site with a very low trust score and noted that 16 security engines flagged it. The domain was also only a few days old when analyzed, which is a common characteristic of malicious campaigns.
- Researchers at Malwarebytes reported that openew.app impersonates the official ChatGPT download page and delivers malware to both Windows and macOS users. According to their analysis, Windows users receive credential-stealing malware, while macOS users are served Atomic Stealer (AMOS), which targets passwords, browser data, and cryptocurrency wallets.
- Multiple malware sandbox analyses observed malicious behavior associated with downloads from the site and classified activity from the domain as malicious.
If you visited the site
- Simply viewing the page is generally lower risk than downloading and running software.
- If you downloaded and executed anything from the site, assume the computer may be compromised.
- If you entered any passwords, change them immediately from a known-clean device.
- Run a full antivirus scan and consider a second-opinion scanner such as Malwarebytes.
- Check browser-saved passwords, banking accounts, email accounts, and cryptocurrency wallets for suspicious activity.
