AI technology, such as ChatGPT, is becoming increasingly popular these days, and as a result, hackers are now taking advantage of the latest trends to craft malicious attacks. Recently, Meta, the parent company of leading social media networks including Facebook, Instagram, and WhatsApp, issued a warning about malware disguised as ChatGPT-related software.
Since March this year, cybercriminal activities have been growing, with around 10 malware families posing as ChatGPT and similar tools to compromise accounts all over the internet. To prevent further intrusion, Meta has blocked over 1,000 links to ChatGPT-themed malware on their services. Additionally, the company has notified industry peers, researchers, and governments about the reports.
It is believed that the malicious browser extensions are designed to mimic the real ChatGPT experience. While some non-malicious ones present working ChatGPT functionality, it’s important to be careful when downloading and using them. The hackers’ goal is to run ads across the internet from the compromised business accounts.
NodeStealer is one malware strain identified by Meta, which has the capability to steal login information from the victim’s browser and cookies. Other ChatGPT-themed malware have spread through ads or on third-party websites, and have been hosted on services such as Dropbox, Google Drive, and Microsoft OneDrive.
Since OpenAI, the developer of ChatGPT, hasn’t released a dedicated app or browser extension yet, users accessing the chatbot should be careful. It’s highly recommended to use the official ChatGPT website, or try the AI-powered Bing with the same AI algorithms. Moreover, it is essential to check the developer’s web page and user reviews before installing any third-party browser extension.
Meta is a technology company, headquartered in California, USA. It provides the technology infrastructure for several of the world’s most popular apps and services including Instagram, WhatsApp and Oculus. The company is owned by some of the internet’s largest technology companies, such as Microsoft and Amazon, and is a leader in online security and privacy.
The report issued by Meta was the work of Kurt Seifried, the company’s security analyst. Seifried joined Meta in 2014 and since then has worked to identify and protect users from digital threats. He is an acclaimed security expert, who has been featured in several renowned security creditations such as OWASP and CISSP.
