A fake ChatGPT Chrome extension was found to be targeting Facebook accounts. Attackers had copied the legitimate Chrome add-on named “ChatGPT for Google”, which offered integration in search results. The malicious version has additional code to steal Facebook session cookies, according to a report by cybersecurity firm Guardio.
Threat actors just forked and edited a well-known open-source project to target users, and the campaign was already hitting thousands a day, the report said.
The campaign was aimed at hijacking Facebook accounts, turning them into “Lily Collins” clones and bots to then be used to promote malicious activities, even sharing ISIS propaganda.
The malicious campaign was found to be pushed using sponsored Google search results rather than sponsored Facebook posts, the report said.
Based on the open-source project, the fake ChatGPT extension was found to perform only one specific malicious action right after installation, leaving the rest of the genuine code untouched to avoid suspicion.
The misuse of ChatGPT’s brand gained popularity after OpenAI granted developers access to integrate the ChatGPT API into their apps and products.
Extensions for Chrome and other major services from Facebook, Google, and other companies are facing continuous attacks and abuse while users continue to be hit the most, the report said.
OpenAI released the ChatGPT and Whisper models through an API for developers in March of this year.