February 10, 2025

Mar 23, 2023Ravie LakshmananBrowser Safety / Synthetic Intelligence

Google has stepped in to take away a bogus Chrome browser extension from the official Net Retailer that masqueraded as OpenAI’s ChatGPT service to reap Fb session cookies and hijack the accounts.

The “ChatGPT For Google” extension, a trojanized model of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, previous to its removing. It was initially uploaded to the Chrome Net Retailer on February 14, 2023.

In response to Guardio Labs researcher Nati Tal, the extension is propagated by malicious sponsored Google search outcomes which might be designed to redirect unsuspecting customers trying to find “Chat GPT-4” to fraudulent touchdown pages that time to the pretend add-on.

Putting in the extension provides the promised performance – i.e., enhancing search engines like google and yahoo with ChatGPT – but it surely additionally stealthily prompts the power to seize Fb-related cookies and exfiltrate it to a distant server in an encrypted method.

As soon as in possession of the sufferer’s cookies, the menace actor strikes to grab management of the Fb account, change the password, alter the profile identify and movie, and even use it to disseminate extremist propaganda.

ChatGPT Chrome Browser

The event makes it the second pretend ChatGPT Chrome browser extension to be found within the wild. The opposite extension, which additionally functioned as a Fb account stealer, was distributed by way of sponsored posts on the social media platform.

WEBINAR

Uncover the Hidden Risks of Third-Social gathering SaaS Apps

Are you conscious of the dangers related to third-party app entry to your organization’s SaaS apps? Be a part of our webinar to be taught concerning the varieties of permissions being granted and how you can decrease threat.

RESERVE YOUR SEAT

If something, the findings are yet one more proof that cybercriminals are able to swiftly adapting their campaigns to money in on the recognition of ChatGPT to distribute malware and stage opportunistic assaults.

“For menace actors, the probabilities are countless — utilizing your profile as a bot for feedback, likes, and different promotional actions, or creating pages and commercial accounts utilizing your status and id whereas selling companies which might be each reputable and doubtless principally not,” Tal mentioned.

Discovered this text fascinating? Observe us on Twitter and LinkedIn to learn extra unique content material we submit.