October 3, 2023

Researchers have discovered fake ChatGPT extension with Chrome browser seen as the latest security concern.

The campaign starts with the malicious stealer extension, quick access to Chat GPT, showing up on Facebook-sponsored posts as a quick way to get started with ChatGPT directly from your browser.


The extension does connect with ChatGPT’s API, it also harvests information from users’ browsers, stealing cookies of authorized, active sessions to any service they have and employing tailored tactics to take over the user’s Facebook accounts

Once installed, the extension gains access to Meta’s Graph API for developers allowing the threat actor to access personal details quickly and to take actions on the users’ behalf directly through their Facebook account using simple API calls

High-profile Facebook business accounts that are taken over are treated differently. Those accounts are used to publish more sponsored posts and other social activities on behalf of the victim’s profiles, and the business’ account money credits are used to do so

More than 2000 users have been installing this extension daily since its first appearance on March 3rd, 2023.


This research was documented by researchers from Guardio, and following the report regarding this malicious extension to Google, the extension is now removed from Chrome’s store.

Leave a Reply

%d bloggers like this: