Hackers Use ChatGPT To Spread Malware On Facebook, Instagram, And WhatsApp
Some people are concerned that chatbots with generative AI, like ChatGPT could one day be used to create malware. The bigger issue is now that ChatGPT is popular. The scammers use ChatGPT sites and apps to steal personal data from their victims.
On Wednesday, researchers at Facebook parent company Meta warned that malicious groups – including Ducktail and NodeStealer – are now posing as ChatGPT and similar tools, where they target people through malicious browser extensions, ads, and even various social media platforms with the aim to run unauthorized ads from compromised business accounts across the Internet.
Meta has said that they have detected and stopped these malware operations. This includes previously unknown malware families. They also claim to have seen adversaries adapt quickly in response.
Our security teams are tackling malware – one of the most persistent threats online – as part of our defense in depth approach through multiple efforts at once. That’s why our security teams tackle malware – one of the most persistent threats online – as part of our defense-in-depth approach through multiple efforts at once,” Meta’s Duc H. Nguyen and Ryan Victory noted in a blog post on Wednesday.
Meta’s research has found that since March around 10 malware families have been using ChatGPT or other themes similar to compromise online accounts.
Nguyen & Victory added that in one instance, threat actors created malicious extensions for official web shops with the claim of offering ChatGPT-based software. Then, they would use sponsored search engine results and social media to promote their malicious extensions in order to get people downloading malware. “In fact, these extensions were bundled with working ChatGPT features alongside the malware. This was likely done to avoid suspicion by official web stores.”
Meta states that it has stopped more than 1,000 ChatGPT malicious URLs being shared across its platforms. Meta has also shared the URLs it blocked with industry partners.
TechCrunch reports that the Vietnam-based Ducktail Malware operation has been targeting Facebook users from 2021. Now, it is spoofing ChatGPT in order to steal browser cookie while hijacking logged-in Facebook session to gain access to information on the victim’s Facebook Account, such as account information, location, and 2-factor authentication codes.
NodeStealer is a node-stealer.
Researchers at Facebook discovered NodeStealer, a malware that steals information in January. This malware allows hackers to use stolen browser cookies in order to gain access to accounts on social media, Gmail or Outlook.
“We identified NodeStealer early – within two weeks of it being deployed – and took action to disrupt it and help people who may have been targeted to recover their accounts,” Nguyen and Victory explained. As part of our efforts, we sent takedown requests for third-party hosting services, …read more
Source:: Social Media Explorer