Security News > 2023 > March > Facebook accounts hijacked by new malicious ChatGPT Chrome extension

Facebook accounts hijacked by new malicious ChatGPT Chrome extension
2023-03-22 16:44

A trojanized version of the legitimate ChatGPT extension for Chrome is gaining popularity on the Chrome Web Store, accumulating over 9,000 downloads while stealing Facebook accounts.

The extension is a copy of the legitimate popular add-on for Chrome named "ChatGPT for Google" that offers ChatGPT integration on search results.

The researcher who discovered it, Nati Tal of Guardio Labs, reports that the extension is communicating with the same infrastructure used earlier this month by a similar Chrome add-on that amassed 4,000 installations before Google removed it from the Chrome Web Store.

This new variant is considered part of the same campaign, which the operators kept as a backup on the Chrome Web Store for when the first extension would be reported and removed.

At this time, the malicious Google Chrome extension is still present in the Google Chrome Web Store.

The security researcher reported the malicious extension to the Chrome Web Store team, which will likely be removed soon.


News URL

https://www.bleepingcomputer.com/news/security/facebook-accounts-hijacked-by-new-malicious-chatgpt-chrome-extension/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 30 2 44 52 19 117