March 23, 2023Rabbi Lakshmananbrowser security / artificial intelligence

Google stepped in to remove a fake Chrome browser extension that impersonates OpenAI’s ChatGPT service, collects Facebook session cookies, and hijacks accounts from its official web store.

The “ChatGPT For Google” extension is a trojanized version of Genuine open source browser add-on, amassed over 9,000 installs since March 14, 2023, before being removed. Originally uploaded to the Chrome Web Store on February 14, 2023.

according to Guardio Lab According to researcher Nati Tal, the extension is a malicious extension designed to redirect unsuspecting users searching for “Chat GPT-4” to a deceptive landing page pointing to a fake addon. Propagated through some sponsored Google search results.

Installing the extension adds the promised functionality (i.e. powering your search engine with ChatGPT), but also secretly the ability to capture Facebook-related cookies and steal them to a remote server in an encrypted way. Enabled.

Once attackers have obtained a victim’s cookies, they can take control of Facebook accounts, change passwords, change profile names and photos, and even use them to spread extremist propaganda.

ChatGPT Chrome browser

This development made it the second fake ChatGPT Chrome browser extension that was actually discovered. Another extension also acted as a Facebook account stealer and was distributed through sponsored posts on social media platforms.


Discover the hidden dangers of third-party SaaS apps

Are you aware of the risks associated with third-party app access to your company’s SaaS apps? Join our webinar to learn about the types of permissions granted and how to minimize the risks.

reserve a seat

If anything, the findings are yet another evidence that cybercriminals can quickly adapt their campaigns to leverage the popularity of ChatGPT to distribute malware and carry out opportunistic attacks.

“The potential for threat actors is endless. While using your profile as a bot for comments, likes, and other promotional activities, or using your reputation and identity to create pages and ad accounts, , advertising a service that is legitimate and probably not,” Tull said.

Did you find this article interesting?Please follow us twitter and LinkedIn To read more exclusive content that we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog