Malware-Laced Fake ChatGPT Chrome Extension Hijacks Facebook Accounts for Malicious Advertising

A fake ChatGPT Chrome browser extension has been found to be capable of hijacking Facebook accounts and creating rogue admin accounts to spread malware through malicious paid media. The Quick Access to Chat GPT extension has been downloaded by 2,000 users per day since March 3, 2023. Promoted through Facebook-sponsored posts, the extension is engineered to harvest cookies and Facebook account data using an already active, authenticated session. Two bogus Facebook applications – portal and msg_kig – are used to maintain backdoor access and obtain full control of the target profiles. Hijacked Facebook business accounts are then used to advertise the malware, expanding its army of Facebook bots.

Google has since pulled the extension from the Chrome Web Store, as of March 9, 2023. This development comes as cybercriminals capitalize on the popularity of OpenAI's ChatGPT to create fake versions of the AI chatbot to trick unsuspecting users into installing them. In recent months, social engineering campaigns have also used unofficial ChatGPT social media pages to direct users to malicious domains that download information stealers like RedLine, Lumma, and Aurora. Fake ChatGPT apps have also been distributed through the Google Play Store and other third-party Android app stores to push SpyNote malware onto people's devices. Bitdefender has revealed that fraudsters are also using ChatGPT to conduct highly sophisticated investment scams.

If you're interested in leveraging the legitimate ChatGPT API for your business, contact BVTECH LLC today. BVTECH LLC can help you explore the benefits of the ChatGPT API and how it can be useful to your business. You can reach BVTECH LLC by email at help@bvtech.org or by phone at (210) 629-3314. Don't fall prey to fake ChatGPT extensions and applications - work with BVTECH LLC to access the real ChatGPT API and take your business to the next level.