A report has emerged stating that Guardio Labs, a digital security solutions company, has discovered a fake Chrome extension that claims to include ChatGPT answers in Google search results. However, in reality, the extension is a hacking tool that hijacks victims’ Facebook accounts. This malicious add-on exploits the Chrome Extensions API to steal active cookies for Facebook accounts and sends their data to the attackers’ servers. Once the attackers possess that data, they can access Facebook accounts, change account information, and turn victims’ profiles into fake ones that are used to spread malicious ads and extremist propaganda.
Guardio Labs suggests that the attackers took advantage of the immense popularity of ChatGPT as an artificial intelligence bot to lure their victims. They spread the malicious extension through advertisements that appeared to those seeking “ChatGPT 4” and invited them to try the latest version. Since its release on February 14, the malicious extension has been downloaded over nine thousand times. The attackers created the malicious add-on based on the source code of a legitimate add-on that is available in open-source form, which makes the malicious plugin even more deceptive.
Guardio Labs has reported that the fake extension was available in the Chrome Web Store between February 14 and March 22, the date that Google removed the extension from its store immediately after its discovery. However, this is not the first time that the company has found an add-on targeting ChatGPT seekers. Previously, the company had discovered a similar add-on that the attackers had published their ads on both Facebook and Google.
Guardio Labs warns that ChatGPT’s increasing popularity makes it an easy target for victims, and expects similar attacks to increase in the future. The company urges users to be careful about downloading any questionable add-ons, particularly those promoted through web ads.