Your Private Space in a Public Domain: The Top 3 Bot Privacy Risks
Beware of the False ChatGPT Plugin: Your Facebook Login at Risk
A malicious Chrome extension using ChatGPT’s name is being used to steal users’ Facebook logins for malicious advertising.
Disclaimer: This post includes affiliate links
If you click on a link and make a purchase, I may receive a commission at no extra cost to you.
A Fake ChatGPT Extension Is Targeting Facebook Users
Facebook and Chrome users are being targeted by a malicious browser extension using the well-known name of theAI-powered chatbot ChatGPT .
On March 8, 2023, Guardio Labs researcher Nati Tal stated in a Medium blog post that “a Chrome Extension propelling quick access to fake ChatGPT functionality was found to be hijacking Facebook accounts and installing hidden account backdoors.”
In theMedium blog post , Tal also noted the use of “a malevolent silently forced Facebook app ‘backdoor’ giving the threat actors super-admin permissions.” The extension can also harvest victims’ browser cookies.
Guardio took to Twitter to warn readers of the malicious campaign.
The phony browser extension, named “Quick access to Chat GPT”, can hack high-profile Facebook accounts to create “hijacked Facebook bot accounts”. The threat actor is then “publishing more sponsored posts and other social activities on behalf of its victim’s profiles and spending business account money credits.”
It was also speculated in the blog post that, once the attacker has accessed your data, they will “probablysell it to the highest bidder as usual.”
Thousands of Facebook Accounts May Have Been Compromised
In this malicious campaign, thousands of Facebook accounts may have been successfully hijacked. In the aforementioned blog post, it was stated that there are “more than 2000 users installing this extension on a daily basis since its first appearance on 03/03/2023.”
On top of this, Tal wrote that each one of the individuals installing the add-on “gets his Facebook account stolen and probably this is not the only damage,” suggesting that other consequences may arise from the extension’s presence.
The Malicious App Has Been Removed from Chrome
Though thousands have downloaded this phony browser extension, it has now been taken down from the Google Chrome Store, preventing further attacks via Chrome-based downloads. It is not yet known exactly how many people have been affected by this campaign, but the number of installations is a definite concern.
ChatGPT’s Name Is Consistently Used by Scammers
Since ChatGPT’s rise to fame, its name has been repeatedly used by cybercriminals to gain the trust of potential victims. Whether its phony ChatGPT-related tokens, or malicious Chat GPT-branded extensions, the popularity of this AI-powered chatbot is undoubtedly being exploited by malicious actors to steal data and money.
Also read:
- [New] 2024 Approved FrameTaker High-Quality Edition
- [New] Amplify Sales Discover the Leading 15 Facebook Monitoring Tools for 2024
- [New] In 2024, Dissecting the New Features of CamStudio
- [Updated] In 2024, Streamline Slides to Cinematic Content
- [Updated] Step-by-Step Video Creation with YouTube and More
- Boost Mindful Living: Discover the Top 7 AI Applications
- Effective Strategies to Resolve Windows 10 Freezing Issues
- Emoji Investment Tips, Hacked Video Game Giants & the ChatGPT Job Uproar: Unraveling Tech Trends
- Essential Do's and Don'ts: Steering Clear of Missteps with ChatGPT in Content Generation
- In 2024, 11 Best Location Changers for Honor 70 Lite 5G | Dr.fone
- In 2024, Prime Pixel Predictor Discovering Top View Counts
- Innovative Coaching with AI: How ChatGPT Transforms Personal Fitness Programming
- Is It Secure to Use External ChatGPT Plugins and Add-Ons in Your Browser?
- Maximizing Profits: A Guide to GPT in Crypto Markets
- Secure Data: Block Unauthorized Scrappers
- Spearheading Development: Mastery in Using the ChatGPT API
- Step-by-Step Guide to Address Communication Issues with ChatGPT's Plugin Service
- Steps to Cure Missing Gems on Epic’s Library Platform
- Ultimate Guide: The 6 Greatest GTP-Powered Add-Ons for Your VSCode Experience
- Title: Your Private Space in a Public Domain: The Top 3 Bot Privacy Risks
- Author: Larry
- Created at : 2024-10-06 17:20:37
- Updated at : 2024-10-09 17:17:59
- Link: https://tech-hub.techidaily.com/your-private-space-in-a-public-domain-the-top-3-bot-privacy-risks/
- License: This work is licensed under CC BY-NC-SA 4.0.