Security News > 2023 > March > Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising
2023-03-13 12:24

A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware.

"By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus," Guardio Labs researcher Nati Tal said in a technical report.

The browser add-on is promoted through Facebook-sponsored posts, and while it offers the ability to connect to the ChatGPT service, it's also engineered to surreptitiously harvest cookies and Facebook account data using an already active, authenticated session.

This is achieved by making use of two bogus Facebook applications - portal and msg kig - to maintain backdoor access and obtain full control of the target profiles.

The process of adding the apps to the Facebook accounts is fully automated.

The hijacked Facebook business accounts are then used to advertise the malware, thereby effectively expanding its army of Facebook bots.


News URL

https://thehackernews.com/2023/03/fake-chatgpt-chrome-extension-hijacking.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 30 2 44 52 19 117