• Blog
  • Negative AI
  • Facebook Accounts Are Hijacked by ChatGPT Chrome Extension in a Malicious Attack
Facebook Accounts Are Hijacked by ChatGPT Chrome Extension in a Malicious Attack

Facebook Accounts Are Hijacked by ChatGPT Chrome Extension in a Malicious Attack

Written on . Posted in Negative AI.

This article was initialized by a human, created by AI, updated by a human, copy edited by AI, final copy edited by a human, and posted by a human. For human benefit. Enjoy!

A new security risk associated with ChatGPT is using a Chrome extension to spread and harm innocent users.

Using a legitimate open source "ChatGPT for Google" extension as a base, threat actors purportedly added malicious code aimed to steal Facebook session cookies, according to a blog post by Guard.io.

Malicious sponsored search engine results then led users to the extension.

To test the new algorithm, you search for "Chat GPT 4," and in your eagerness, you click on a sponsored search result that promises you precisely that, according to Guard.io.

The only thing left to do is install the extension from the official Chrome Store after being redirected to a landing page that offers you ChatGPT directly inside your search results page. You will be able to access ChatGPT through the search results, but your Facebook account will be immediately compromised.

The only thing left to do is install the extension from the official Chrome Store after being redirected to a landing page that offers you ChatGPT directly inside your search results page. You will be able to access ChatGPT through the search results, but your Facebook account will be immediately compromised.

We can tell the authentic extension is using the "OnInstalled" handler method only to make sure you see the settings screen (where you can log in to your OpenAI account), according to Guardio.

However, the malicious code that was forked is taking advantage of the current situation to steal your session cookies.

Once taken, the cookies are encrypted and exfiltrated, giving threat actors instant access to the accounts that have been compromised. They then alter the log-in information to keep the legitimate user from accessing the accounts.

Google said that more than 9000 people had downloaded the malicious ChatGPT for Chrome app before Google took it down.

The security company said that more than 9000 people had downloaded the malicious ChatGPT for Chrome app before Google took it down.

Guardio has found this to be the second "FakeGPT" extension. The first one was spread through paid Facebook posts.

Interested in the latest updates on AI technology? Follow us on Facebook and join our group (Link to Group) to leave your comments and share your thoughts on this exciting topic!