October 3, 2023

Researchers have discovered fake ChatGPT extension with Chrome browser seen as the latest security concern.

The campaign starts with the malicious stealer extension, quick access to Chat GPT, showing up on Facebook-sponsored posts as a quick way to get started with ChatGPT directly from your browser.

Advertisements

The extension does connect with ChatGPT’s API, it also harvests information from users’ browsers, stealing cookies of authorized, active sessions to any service they have and employing tailored tactics to take over the user’s Facebook accounts

Once installed, the extension gains access to Meta’s Graph API for developers allowing the threat actor to access personal details quickly and to take actions on the users’ behalf directly through their Facebook account using simple API calls

High-profile Facebook business accounts that are taken over are treated differently. Those accounts are used to publish more sponsored posts and other social activities on behalf of the victim’s profiles, and the business’ account money credits are used to do so

More than 2000 users have been installing this extension daily since its first appearance on March 3rd, 2023.

Advertisements

This research was documented by researchers from Guardio, and following the report regarding this malicious extension to Google, the extension is now removed from Chrome’s store.

Tags:

Leave a Reply

You may have missed

Industrial Control Systems and Vulnerability Management Process

October 2, 2023

McLaren Healthcare suffers a Ransomware Incident

October 2, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – September, 2023

October 2, 2023

TheCyberThrone Security Week In Review – September 30, 2023

October 1, 2023

Mozilla fixes CVE-2023-5217 Vulnerability in its Products

September 30, 2023

CISA KEV Update Part III – September 2023

September 30, 2023
%d bloggers like this: