Security News > 2023 > March > Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
2023-03-23 16:29

Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to harvest Facebook session cookies and hijack the accounts.

The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal.

According to Guardio Labs researcher Nati Tal, the extension is propagated through malicious sponsored Google search results that are designed to redirect unsuspecting users searching for "Chat GPT-4" to fraudulent landing pages that point to the fake add-on.

Installing the extension adds the promised functionality - i.e., enhancing search engines with ChatGPT - but it also stealthily activates the ability to capture Facebook-related cookies and exfiltrate it to a remote server in an encrypted manner.

The development makes it the second fake ChatGPT Chrome browser extension to be discovered in the wild.

The other extension, which also functioned as a Facebook account stealer, was distributed via sponsored posts on the social media platform.


News URL

https://thehackernews.com/2023/03/fake-chatgpt-chrome-browser-extension.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 30 2 44 52 19 117