Security researchers have identified another threat leveraging the popularity of ChatGPT to spread malware and conduct nefarious activities. The latest attack is a fraudulent Chrome extension masquerading as ChatGPT. The threat actors behind the application forked a legitimate open source extension and added malicious code to steal Facebook session cookies from victims. The threat actors behind the extension have also created malicious sponsored search engine results in order to promote the application.

The fraudulent extension is reportedly difficult to distinguish from the legitimate version, security researchers state. The malicious code steals cookies and encrypts and exfiltrates them, allowing threat actors to obtain on-demand access to compromised accounts. In this instance, the threat actors change the log in details and lock the user out.

