Fake ChatGPT-branded Chrome browser extension was discovered to have these features.

Published: 2023-03-13

According to Ravie Lakshmanan's article from 2023 for The Hackers News, one of the several techniques used by cybercriminals to spread malware has been discovered to have the ability to hijack Facebook accounts and establish rogue admin accounts. This bogus ChatGPT-branded Chrome browser extension was discovered to have these features.

Guardio Labs researcher Nati Tal said in a technical paper that the threat actor builds an elite army of Facebook bots and a hostile paid media apparatus by taking over prominent Facebook business accounts.

This enables it to spread itself like a worm by pushing Facebook-sponsored advertisements at the cost of its victims.

From March 3, 2023, the "Fast access to Chat GPT" extension is believed to have had 2,000 installations each day. As of March 9, 2023, Google has now removed the extension from the Chrome Web Store.

Although offering the option to connect to the ChatGPT service, the browser add-on is advertised through Facebook-sponsored ads. It is also designed to covertly harvest cookies and Facebook account information using an existing live, authenticated session.

By the use of two fake Facebook programs called portal and msg kig, backdoor access is maintained and complete control of the target profiles is attained. Adding applications to Facebook accounts is a totally automated procedure.

The finding comes as threat actors are using OpenAI's ChatGPT's enormous popularity since its introduction in late 2017 to construct phony iterations of the AI chatbot and dupe unwary users into downloading them.

A social engineering effort using an unauthorized ChatGPT social media website to send visitors to malicious URLs that download information thieves like RedLine, Lumma, and Aurora was exposed by Cyble last month.

The virus is then advertised via the hacked Facebook business accounts, therefore growing its army of Facebook bots.

Fake ChatGPT apps have also been discovered that are distributed through the Google Play Store and other unofficial Android app stores to install SpyNote malware on people's devices.

According to a statement made last week by Bitdefender, "Unfortunately, the popularity of the viral AI tool has also drawn the attention of fraudsters who utilize the technology to undertake extremely complex financial schemes on naive internet users.