Recent reports have shown that more and more cyber criminals have been leveraging lures from the popular chatbot program ChatGPT to facilitate the distribution of malware. This technique, which has been used on Facebook, Instagram, and WhatsApp, has enabled ten unique malware families since March. As per TechCrunch, the Vietnamese threat actors have even been using malicious browser extensions to deploy the DuckTail malware, which has the potential to exfiltrate data and hijack Facebook sessions.
Meta, the parent company of Facebook, sent a cease and desist to the groups behind DuckTail, and to make matters worse, the same type of threat actors were evidently responsible for the creation of Node Stealer malware. Fortunately, Meta was able to take immediate steps to shut down the threat by sending takedown requests to hosting providers and domain registrars. Duc Nguyen, who is a Meta security engineer, and Ryan Victory were delighted to witness how the malware was completely disrupted and remarked that “no new samples of Node Stealer malware have been observed since February 27th 2021.”
Meta is a particularly important firm within the online sphere as it defends Facebook and its other platforms from threats and dangerous activity. Furthermore, it has been responsible for the launch of multiple initiatives such as the Data Abuse Bounty, encouraging users to report errors and security risks and even offering rewards. Meta also maintains collaborative relationships with law enforcement agencies and is perpetually expanding its Digital Defence team in order to better secure user data.
Duc Nguyen and Ryan Victory, who are both security engineers at Meta, have been instrumental in combating malware distribution via ChatGPT lures. Although their work was done mostly on the backend, the dangerous threat was successfully eliminated due to their diligent efforts. This is just one example of how Meta’s security team works tirelessly to ensure that platforms like Facebook and its subsidiaries are always safe.
