A fake "ChatGPT for Google" Chrome extension is capitalizing on the popularity of the AI technology, maliciously taking over the Facebook accounts of its users.
It turns out that this extension on the Chrome Web Store, which offers ChatGPT features on Google Search, carries trojan malware. Although it works as intended, its developers stuffed malicious code into it.
(Photo : NICOLAS MAETERLINCK/BELGA MAG/AFP via Getty Images)
Illustration picture shows the ChatGPT artificial intelligence software, which generates human-like conversation, Friday 03 February 2023 in Lierde.
Fake 'ChatGPT for Google' Chrome Extension with Trojan
As per a report by Bleeping Computer, the malicious "ChatGPT for Google" extension debuted on the Chrome Web Store, the official marketplace of the web browser, last Valentine's, or on February 14.
However, it got even more popular when the publisher of the malicious extension began promoting it via advertisements on Google Search last March 14.
While some folks are searching for the new GPT-4 AI, an ad showcases a Chrome extension that integrates the OpenAI technology to search results on Google.
(Photo : Leon Neal/Getty Images)
LONDON, ENGLAND - AUGUST 09: In this photo illustration, The Google logo is projected onto a man on August 09, 2017 in London, England. Founded in 1995 by Sergey Brin and Larry Page,
Given that, the extension, which vows to bring ChatGPT to Google Search, started getting thousands of downloads. But it turns out that this version comes with malicious malware.
Guardio Labs discovered the malicious campaign, noting that the extension draws thousands of new users daily.
It further notes that "it is based on an open-source product stuffed with malicious code, making the product function as expected and impossible to distinguish." As such, its users might be less suspicious as the extension works as it should, except that it sneaks in malware.
Stealing Facebook Accounts
The malicious "ChatGPT for Google" extension turns out to be silently stealing the Facebook accounts of its users via their session cookies.
(Photo : OLIVIER DOULIERY/AFP via Getty Images)
In this photo illustration, a person looks at a smart phone with a Facebook App logo displayed on the background, on August 17, 2021, in Arlington, Virginia.
The developers of the extension found a way to sign in to the Facebook accounts of its victims using the Chrome Extension API. From there, it would replace the account credentials of the Facebook account, preventing the actual user from accessing it. After which, the hackers would transform the account into "Lily Collins" clones. And this false persona is reportedly used to sell likes and spread propaganda.
Guardio Labs notes that there is a current trend wherein hacked Facebook accounts end up turning into "Lily Collins." It is "used to promote malicious activities all around from buying likes" to dangerous propaganda.
Read Also: Microsoft Bing with ChatGPT, GPT-4 No Longer has a Waitlist-Wider Availability?
Chrome Web Store Removes Malicious Extension
As of writing, the Chrome Web Store has finally kicked out the malicious "ChatGPT for Google" extension, which ends up stealing Facebook accounts. It comes a few hours after Guardio Labs exposed its scheme.
Before it was taken down, the trojan-injected extension saw roughly more than 9,000 installations. So it looks like it has stolen numerous Facebook accounts before it vanished into thin air.
Related Article: ChatGPT Makes it Easier to Publish Fraudulent Medical Data, Research Says
