Facebook’s parent company Meta has warned users that hackers are using interest in ChatGPT and other generative AI applications to trick them into downloading malware pretending to be AI apps. Since March, Meta has discovered ten malware families connected to AI-themed lures, and has blocked over 1,000 malicious URLs from being shared on its platforms.
The most commonly discovered malware strain is DuckTail, which is used to steal browser cookies to access victims’ social media accounts. It has been increasingly targeting victims with AI-themed lures, and has been seen automatically granting business admin permissions to requests for ad-related actions sent by attackers.
Another malware strain, NodeStealer, is known to target Windows-based browsers, stealing cookies and login credentials to access Facebook, Gmail, and Microsoft Outlook accounts. After swiftly finding the malware strain in just two weeks, Meta took action to disrupt it and help victims recover their accounts.
Meta has responded to these threats by launching new security features for business accounts, such as a support tool to guide users to remove malware. It has also introduced new controls for business accounts, to help them manage and limit who can become an account administrator. In addition, Facebook at-Work accounts are launching later this year, providing businesses with the ability to operate their account independently from personal accounts.
Meta is an AI-focused company that works to improve the development, understanding, and commercialization of AI. Most notably, the company is developing DigiDirect, a platform that aims to improve the security of connected IoT devices. The company was founded in 2017 and is led by Justin Hartley, CEO, and chairman.
