Fake ChatGPT Browser Extension Grab Thousands of User Data and Steal Facebook Business Accounts

The more popular something is, the more people are looking for loopholes to exploit it. Yep, this is realized by the existence of a Google Chrome extension that offers fast access to ChatGPT (AI chatbot) with just a few clicks. But apparently, the extension actually harvests data and even asks for administrative access to its user's Facebook account.

This extension is called "Quick access to ChatGPT" and was available in the Chrome Web Store from March 3 to 31. March 9, 2023. Although relatively short, the extension has been downloaded by 2,000 Chrome users. This extension does provide that access by connecting to the ChatGPT API. But at the same time, it also steals user data.

Cybersecurity firm Guardio discovered that the browser extension harvested all cookies stored on the browser and stole authenticated session tokens for Google, YouTube, Facebook and Twitter. This is what allows the extension to access the Meta Graph API, which is what developers typically use to build Facebook-compatible apps.

Furthermore, this extension can access Facebook account details and act on behalf of the user. Some of these actions include registering malicious Facebook apps on user accounts, requesting all available permissions, including those involving linked WhatsApp and Instagram accounts. For Facebook Business accounts, the extension retrieves data on active promotions, credit balance, minimum billing threshold, and credit facility information.

Source:
Guardio