HomeTech NewsMalware "disguised" as a ChatGPT extension for Google Chrome was stealing Facebook...

Malware “disguised” as a ChatGPT extension for Google Chrome was stealing Facebook accounts

Cybersecurity experts at Guardio Labs discovered a malware “disguised” as ChatGPT in the Google Chrome store. Already removed from the platform, the false extension pretended to be a way to integrate the browser with the popular artificial intelligence chatbot that gained the spotlight in 2023.

According to the report released on Wednesday (22), the fake extension designed to steal Facebook accounts, without the victim noticing strange behavior while browsing the web. The malware was actually a malicious copy of a legitimate extension called “ChatGPT for Google”.

On the left, copy of “ChatGPT for Google”; right, legitimate extension (Image: Guardio Labs)

ChatGPT for Google allows OpenAI’s artificial intelligence to become an “assistant” for web searches, displaying relevant and additional information whenever the user performs searches on Google, Bing and DuckDuckGo, for example. The tool has over 2 million users and hundreds of positive reviews.

In light of the popularity of the extension and the growing interest in artificial intelligence, hackers created an almost perfect copy of the tool that, while using the browser, allowed tracking the cookies used by Facebook. These cookies were sent to the malicious actors’ server and exploited to log into the account.

The fake extension, which was available to install for nearly a month on the Chrome Web Store, was widely circulated with paid promotion through Google Ads. During that time, thousands of users downloaded malware onto their browsers, which could include Chrome, Microsoft Edge, and others based on Chromium.

This is not the first time that the name ChatGPT has been used by hackers to attract people’s attention. The popularity of artificial intelligence is exploited in phishing scams that, according to a recent survey by the company Cyble, can affect thousands of users of devices with Android and Windows.

(Image: Playback)

If you have installed an extension with the name “ChatGPT For Google”, you can verify that the application is legitimate in the browser’s extensions menu — usually identified by the puzzle piece icon. Just go to the settings and look for the tool details.

Latest articles

What are the best smartphones tested by Voonze in September 2024?

Here is our selection of the best smartphones in 2024, all tested and validated...

Nvidia GeForce Now in September 2024: the start of the school year promises to be fantastic with Final Fantasy XVI and Age of Mythology

In this rainy back-to-school season, Nvidia unveils the list of games that will join...

More like this