Hackers are leveraging ChatGPT-themed lures to propagate malware on Facebook, Instagram, and WhatsApp as interest in generative AI chatbots develops.
Meta, Facebook’s parent corporation, reported Wednesday that ChatGPT-posing malware was rising throughout its networks. Since March 2023, its security specialists have found ten malware families exploiting ChatGPT (and similar themes) to infect customers’ devices.
Meta security engineers Duc H. Nguyen and Ryan Victory said in a blog post that threat actors had created malicious browser extensions in legitimate online stores that purport to offer ChatGPT-based capabilities. They promoted these dangerous extensions on social media and paid search results to lure consumers into installing malware.
Meta believes DuckTail malware distributors increasingly use AI-themed lures to infiltrate organizations with Facebook ad accounts. DuckTail has targeted Facebook users since 2021, stealing browser cookies and hijacking logged-in Facebook sessions to steal account information, location data, and two-factor authentication tokens. For example, the spyware might steal the victim’s Facebook Business account.
On Wednesday, Meta linked DuckTail dissemination to Vietnamese threat actors and informed law authorities.
A snapshot of a malware campaign that linked to site hosting platforms targeted smaller services like Buy Me a Coffee, which creators use to receive assistance from their audiences, to host and transmit malware.
In January, Facebook found NodeStealer malware. Like DuckTail, the virus targets Windows-based browsers to harvest cookies and stored login data to hack Facebook, Gmail, and Outlook accounts. Meta took early action against the virus linked to Vietnamese threat actors. Meta claimed it requested takedowns from domain registrars and hosting providers, which the virus targeted for dissemination, within two weeks of identifying it.
“This stopped the malware. Since February 27, Nguyen and Victory have not seen any new NodeStealer malware samples.
Meta has developed capabilities to assist corporate customers in fighting malware. A new help tool walks users through finding and removing malware, and business accounts may now manage, audit, and limit account administrators. Meta also promised Facebook at Work accounts later this year. These accounts will allow business users to log in and utilize Business Manager without a personal account, preventing attacks from compromised personal accounts.
