ChatGPT Chrome extension hacks Facebook accounts

Μια “πειραγμένη” έκδοση της δημοφιλούς νόμιμης επέκτασης ChatGPT για το Chrome κλέβει λογαριασμούς στο Facebook. Κατάφερε να διεισδύσει σε 9000 υπολογιστές μέσα από το Chrome Web Store.

ChatGPT, ChatGPT4, Facebook, Chrome, extension

The extension is a copy of the legitimate popular extension for Chrome named “ChatGPT for Google” that offers ChatGPT integration in search results.

However, this malicious version includes additional code that attempts to steal Facebook cookies.

The publisher of the malicious extension uploaded it to the Chrome Web Store on February 14, 2023, but started promoting it using Google Search ads only on March 14, 2023. Since then, it has averaged a thousand installs per day.

The researcher who discovered it, Nati Tal of Guardio Labs, it's mentioned that the extension communicates with the same server used earlier this month by a similar Chrome extension, which had amassed 4.000 downloads before Google removed it from the Chrome Web Store.

Therefore, this new variant is considered part of the same effort, which the operators kept as a backup in the Chrome Web Store and activated it when the first extension was removed.

The malicious extension is promoted via ads in Google Search results when searching for “Chat GPT4”.

Clicking on the sponsored results takes users to a fake “ChatGPT for Google” landing page and from there to the extension's page in the official Chrome extension store.

After the victim installs the extension, they get the promised functionality (ChatGPT embedding in search results), as the code of the legitimate extension still exists. However, the malicious plugin also attempts to steal cookies for Facebook accounts.

These stolen cookies allow fraudsters to log into the victim's Facebook account and gain full access to their profiles.

The malicious extension is no longer available in the Chrome Web Store but some victims have already been harmed. Check immediately if you are among them. The Best Technology Site in Greece
Follow us on Google News

ChatGPT, ChatGPT4, Facebook, Chrome, extension

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).