Security News Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising


Level 12
Thread author
Top Poster
Mar 13, 2022
A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware.

"By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus," Guardio Labs researcher Nati Tal said in a technical report.

"This allows it to push Facebook paid ads at the expense of its victims in a self-propagating worm-like manner."

The "Quick access to Chat GPT" extension, which is said to have attracted 2,000 installations per day since March 3, 2023, has since been pulled by Google from the Chrome Web Store as of March 9, 2023.


Level 18
Feb 7, 2023
A fake ChatGPT extension named “Quick access to ChatGPT” has been found to hijack Facebook business accounts. The extension injects malicious code into the Facebook pages of targeted businesses, allowing attackers to gain unauthorized access to the accounts and take over their management functions. This has led to multiple businesses reporting similar incidents of unauthorized access.

ForgottenSeer 98186

This is just another example showing it's risky adding "convenience" extensions, which only increase attack surface and open you up to outright fakes like this one.

Stay simple and stay safe. Word! (y):cool:
Threat actors exploit fads. Fads are treasure for them. Easy low-hanging fruits. Humans are such easy prey.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.