Fake ChatGPT Chrome extension targeted Facebook Ad accounts

2023-03-09 12:13

From malvertising, extension installation, hijacking Facebook accounts, and back again to propagation.

The fake ChatGPT extension discovered by Guardio is the latest security concern, affecting thousands daily.

While the extension does connect with ChatGPT's API, it also harvests information from users' browsers, stealing cookies of authorized, active sessions to any service they have and employing tailored tactics to take over the user's Facebook accounts.

Once installed, the extension gains access to Meta's Graph API for developers - allowing the threat actor to access personal details quickly and to take actions on the users' behalf directly through their Facebook account using simple API calls.

Thanks to Chrome's declarative NetRequest API, the extension can circumvent Facebook's protection measures.

Following Guardio's report regarding this malicious extension to Google, the extension is now removed from Chrome's store.

News URL

https://www.helpnetsecurity.com/2023/03/09/fake-chatgpt-extension/

#chatgpt #chrome #facebook

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Facebook		30	2	44	52	19	117