Google has stepped in to clear away a bogus Chrome browser extension from the official Web Keep that masqueraded as OpenAI’s ChatGPT service to harvest Facebook session cookies and hijack the accounts.
The “ChatGPT For Google” extension, a trojanized version of a respectable open up supply browser add-on, attracted around 9,000 installations considering that March 14, 2023, prior to its removal. It was originally uploaded to the Chrome Web Retail store on February 14, 2023.
According to Guardio Labs researcher Nati Tal, the extension is propagated by means of malicious sponsored Google look for success that are developed to redirect unsuspecting users exploring for “Chat GPT-4” to fraudulent landing webpages that level to the phony increase-on.
Setting up the extension provides the promised features – i.e., boosting research engines with ChatGPT – but it also stealthily activates the skill to capture Fb-associated cookies and exfiltrate it to a remote server in an encrypted manner.
As soon as in possession of the victim’s cookies, the menace actor moves to seize command of the Facebook account, alter the password, change the profile identify and picture, and even use it to disseminate extremist propaganda.
The improvement helps make it the second pretend ChatGPT Chrome browser extension to be discovered in the wild. The other extension, which also functioned as a Facebook account stealer, was dispersed by means of sponsored posts on the social media platform.
WEBINARDiscover the Hidden Dangers of 3rd-Party SaaS Apps
Are you mindful of the pitfalls associated with 3rd-party app obtain to your firm’s SaaS applications? Be a part of our webinar to study about the types of permissions remaining granted and how to minimize risk.
RESERVE YOUR SEAT
If everything, the conclusions are nevertheless a further evidence that cybercriminals are capable of quickly adapting their campaigns to cash in on the level of popularity of ChatGPT to distribute malware and stage opportunistic attacks.
“For risk actors, the alternatives are unlimited — utilizing your profile as a bot for comments, likes, and other promotional actions, or developing internet pages and ad accounts applying your track record and identity though marketing services that are the two genuine and possibly primarily not,” Tal claimed.
Observed this short article exciting? Comply with us on Twitter and LinkedIn to browse additional exclusive articles we submit.
Some parts of this write-up are sourced from: