Better Check Your Facebook Account If You Did!
Guardio Labs detected a Chat GPT themed piece of malware pretending to be a Chrome Extension called “Quick access to Chat GPT”. While you are playing with the so called AI, the malware is busy hijacking your Facebook account. It does so to spread paid ads about itself and other nasties on Facebook, on your dime. It was first posted to the Chrome Web Store on March 3rd, not pulled until the 9th and during that time it was downloaded a fair amount of times.
If you installed the app, it looks for any already active Facebook login, and automatically installs two fake Facebook applications called portal and msg_kig to harvest cookies and your account data. From there it is easy to hijack your account and start buying ads which are then posted to your friends and other connections, informing them how awesome Quick access to Chat GPT is and to click to install it.
This is not the first time Chat GPT has been leveraged to spread infections, as you can read about at The Hacker News.
The "Quick access to Chat GPT" extension, which is said to have attracted 2,000 installations per day since March 3, 2023, has since been pulled by Google from the Chrome Web Store as of March 9, 2023.