Facebook and Chrome users are being targeted by a malicious browser extension that uses the name of the popular AI chatbot ChatGPT.
On March 8, 2023, Guardio Labs researcher Nati Tal stated in a Medium blog post that “A Chrome extension that supports quick access to fake ChatGPT functionality has been found to be running hijack Facebook accounts and install hidden account backdoors”.
In the Medium blog post, Tal also notes the use of “a Facebook app ‘backdoor’ that silently grants threat actors super-admin rights”. The extension may also collect the victim’s browser cookies.
In this malware campaign, thousands of Facebook accounts may have been successfully hijacked. In the aforementioned blog post, it is stated that “more than 2000 users install this extension daily since it first appeared on 03/03/2023.”
Since ChatGPT became famous, its name has been repeatedly used by cybercriminals to gain the trust of potential victims. Whether it’s a fake ChatGPT-related token or a malicious extension claiming to be ChatGPT, the popularity of this AI chatbot is definitely being used by malicious actors to steal data and money.
