Fake Chrome extension ChatGPT steals Facebook login information

A malicious Chrome extension called ChatGPT is being used to steal users' Facebook credentials for malicious advertising.

 

Fake ChatGPT extension is targeting Facebook users

Facebook and Chrome users are being targeted by a malicious browser extension that uses the name of the popular AI chatbot ChatGPT.

On March 8, 2023, Guardio Labs researcher Nati Tal stated in a Medium blog post that "A Chrome extension that supports quick access to fake ChatGPT functionality has been found to be is hijacking Facebook accounts and installing hidden account backdoors".

In the Medium blog post, Tal also notes the use of "a Facebook app 'backdoor' that silently grants threat actors super-admin rights". The extension may also collect the victim's browser cookies.

Guardian took to Twitter to warn readers about the malicious campaign.

Fake Chrome extension ChatGPT steals Facebook login information Picture 1Fake Chrome extension ChatGPT steals Facebook login information Picture 1

 

The fake browser extension, named 'Quick access to Chat GPT', can attack high profile Facebook accounts to create "hacked Facebook bot accounts". The threat actor then "publishes more sponsored posts and other social activities using the victim's profile and spends the credits in the business account".

The blog post also speculates that, once an attacker has access to your data, they "will probably sell it to the highest bidder as usual".

Thousands of Facebook accounts may have been compromised

In this malware campaign, thousands of Facebook accounts may have been successfully hijacked. In the aforementioned blog post, it is stated that "more than 2000 users install this extension daily since it first appeared on 03/03/2023."

On top of that, each individual installing the add-on "has his Facebook account stolen and this is probably not the only damage", many other consequences can arise from the presence of the open add-on wide.

Malicious Apps Removed from Chrome

Although thousands of people have downloaded this fake browser extension, it has now been taken down from the Google Chrome Store, preventing further attacks via Chrome-based downloads. It is not known exactly how many people have been affected by this campaign, but the number of installations is not small.

The name ChatGPT is often used by scammers

Since ChatGPT became famous, its name has been repeatedly used by cybercriminals to gain the trust of potential victims. Whether it's a fake ChatGPT-related token or a malicious extension claiming to be ChatGPT, the popularity of this AI chatbot is definitely being used by malicious actors to steal data and money.

5 ★ | 1 Vote