Security News > 2023 > May > Meta Takes Down Malware Campaign That Used ChatGPT as a Lure to Steal Accounts

Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI's ChatGPT as a lure to propagate about 10 malware families since March 2023.

The development comes against the backdrop of fake ChatGPT web browser extensions being increasingly used to steal users' Facebook account credentials with an aim to run unauthorized ads from hijacked business accounts.

The attack chains are primarily engineered to target the personal accounts of users who manage or are connected to business pages and advertising accounts on Facebook.

Ducktail isn't the only stealer malware detected in the wild, for Meta disclosed that it uncovered another novel strain dubbed NodeStealer that's capable of plundering cookies and passwords from web browsers to ultimately compromise Facebook, Gmail, and Outlook accounts.

The malware is assessed to be of Vietnamese origin, with Meta noting that it "Took action to disrupt it and help people who may have been targeted to recover their accounts" within two weeks of it being deployed in late January 2023.

"After retrieving the Facebook credentials from the target's browser data, the malware uses it to make several unauthorized requests to Facebook URLs to enumerate account information related to advertising," Meta said.

News URL

https://thehackernews.com/2023/05/meta-takes-down-malware-campaign-that.html