Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware.

"By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus," Guardio Labs researcher Nati Tal said in a technical report.

"This allows it to push Facebook paid ads at the expense of its victims in a self-propagating worm-like manner."

The "Quick access to Chat GPT" extension, which is said to have attracted 2,000 installations per day since March 3, 2023, has since been pulled by Google from the Chrome Web Store as of March 9, 2023.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,673
This is just another example showing it's risky adding "convenience" extensions, which only increase attack surface and open you up to outright fakes like this one.

Stay simple and stay safe. Word! (y):cool:
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
A fake ChatGPT extension named “Quick access to ChatGPT” has been found to hijack Facebook business accounts. The extension injects malicious code into the Facebook pages of targeted businesses, allowing attackers to gain unauthorized access to the accounts and take over their management functions. This has led to multiple businesses reporting similar incidents of unauthorized access.
 
F

ForgottenSeer 98186

This is just another example showing it's risky adding "convenience" extensions, which only increase attack surface and open you up to outright fakes like this one.

Stay simple and stay safe. Word! (y):cool:
Threat actors exploit fads. Fads are treasure for them. Easy low-hanging fruits. Humans are such easy prey.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top