Hackers are breaching Facebook users through a fake ChatGPT Chrome extension.
The campaign has been active at least since March 14, 2022.
- The false Chrome extension is reaching victims by appearing in Google Search results whenever users type Chat GPT 4.
- The threat actors have been paying for advertising in order to rank higher on the Google Search result page.
- Once the users click on the sponsored search result, they are directed to a fake Chrome extension landing page.
- After the victim installs the extension, they gain access to ChatGPT in their search results, leading them to not suspect that what they downloaded may contain malicious files.
- So far, the extension has been downloaded over 1,000 times per day.
- The false extension was published on Feb. 14, 2023.
- This new variant is considered part of the same campaign that was tracked last month.
