Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI’s ChatGPT service to harvest Facebook session cookies and hijack the accounts.
The “ChatGPT For Google” extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal. It was originally uploaded to the Chrome Web Store on February 14, 2023.
According to Guardio Labs researcher Nati Tal, the extension is propagated through malicious sponsored Google search results that are designed to redirect unsuspecting users searching for “Chat GPT-4” to fraudulent landing pages that point to the fake add-on.
Installing the extension adds the promised functionality – i.e., enhancing search engines with ChatGPT – but it also stealthily activates the ability to capture Facebook-related cookies and exfiltrate them to a remote server in an encrypted manner.
Once in possession of the victim’s cookies, the threat actor moves to seize control of the Facebook account, change the password, alter the profile name and picture, and even use it to disseminate extremist propaganda.
The development makes it the second fake ChatGPT Chrome browser extension to be discovered in the wild. The other extension, which also functioned as a Facebook account stealer, was distributed via sponsored posts on the social media platform.
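For defenders, the cookie theft described above suggests a simple audit of installed extensions. The following is an added example, not code from Guardio Labs or from the extension itself: it assumes the cookies are read through the browser's extension cookies API, which requires the `cookies` permission plus host access to the target site, and it flags manifests that declare both for facebook.com. The sample manifests are constructed.

```python
import json
from pathlib import Path

# Host patterns that grant access to every site, facebook.com included.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def host_covers(pattern, domain="facebook.com"):
    """True if a manifest match pattern grants access to `domain` or a subdomain."""
    if pattern in BROAD_HOSTS:
        return True
    if "://" not in pattern:
        return False  # an API permission name such as "storage", not a host pattern
    host = pattern.split("://", 1)[1].split("/", 1)[0].lower()
    if host.startswith("*."):
        host = host[2:]
        if domain.endswith("." + host):  # wide wildcard such as *.com
            return True
    return host == "*" or host == domain or host.endswith("." + domain)

def audit_manifest(manifest):
    """Report whether an extension declares cookie access for the watched domain."""
    perms = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
    # Manifest V2 lists hosts inside "permissions"; V3 uses "host_permissions".
    declared = perms + list(manifest.get("host_permissions", []))
    hosts = [h for h in declared if isinstance(h, str) and host_covers(h)]
    return {"name": manifest.get("name", "?"), "cookies": "cookies" in perms,
            "hosts": hosts, "flagged": "cookies" in perms and bool(hosts)}

def scan_extensions(root):
    """Audit every <root>/<extension id>/<version>/manifest.json in a profile."""
    results = []
    for path in sorted(Path(root).glob("*/*/manifest.json")):
        try:
            results.append(audit_manifest(json.loads(path.read_text(encoding="utf-8"))))
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or malformed manifest
    return results

# Constructed sample manifests, not taken from any real extension.
SAMPLES = [
    {"name": "mv3-cookie-fb", "permissions": ["cookies"], "host_permissions": ["https://*.facebook.com/*"]},
    {"name": "mv2-cookie-all", "permissions": ["cookies", "<all_urls>"]},
    {"name": "search-helper", "permissions": ["storage"], "host_permissions": ["https://chat.openai.com/*"]},
    {"name": "cookie-other-site", "permissions": ["cookies"], "host_permissions": ["https://chat.openai.com/*"]},
]

if __name__ == "__main__":
    for m in SAMPLES:
        print(audit_manifest(m))
```

A flagged manifest is a candidate for review rather than a verdict, since legitimate extensions also request these permissions; `scan_extensions` is meant to be pointed at a browser profile's `Extensions` directory.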
If anything, the findings are yet another proof that cybercriminals are capable of swiftly adapting their campaigns to cash in on the popularity of ChatGPT to distribute malware and stage opportunistic attacks.
“For threat actors, the possibilities are limitless — using your profile as a bot for comments, likes, and other promotional activities, or creating pages and commercial accounts using your popularity and identity while promoting services that are both legitimate and probably mostly not,” Tal said.