We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Meta Warns of Fake ChatGPT Tools Containing Malware

Meta Warns of Fake ChatGPT Tools Containing Malware
Author Image Keira Waddell
Keira Waddell Published on 5th May 2023 Senior Writer

Meta has released a report stating that cybercriminals are increasingly spreading malware via fake ChatGPT tools across Facebook, Instagram, and WhatsApp. Attackers are taking advantage of the popularity of the AI chatbot to lure unsuspecting users into downloading malicious browser extensions that can compromise their personal accounts. Since March this year, Meta's security teams have identified 10 malware families using the chatbot’s branding.

In the blog post, Meta's security engineers described how threat actors are advertising these fake extensions on social media and through sponsored search results to trick individuals with an interest in ChatGPT.

DuckTail is one malware family that has targeted Facebook users since 2021, stealing their browser cookies and taking over their active Facebook sessions. By doing so, it gains access to personal information such as account details, location data, and two-factor authentication codes. The malware also enables the threat actor to hijack any Facebook Business accounts the victim can access.

Hackers distributing the DuckTail malware have started using these AI-themed lures to specifically target businesses with Facebook ad accounts, making it easier for them to compromise the accounts.

Meta has traced DuckTail to threat actors based in Vietnam. The company has issued cease-and-desist letters to the individuals responsible for the operation and informed law enforcement.

Another malware, NodeStealer, has also been identified by the social media site. Discovered in January, NodeStealer targets Windows-based browsers and aims to steal cookies and saved login information to access Facebook, Gmail, and Microsoft Outlook accounts.

Meta responded swiftly to the discovery of the NodeStealer malware by submitting takedown requests with domain registrars and hosting providers. These efforts proved to be successful in disrupting the malware, and Meta has not observed any new samples in the NodeStealer family since 27th February.

New features have been introduced to assist Meta business users in defending against malware attacks. This includes a step-by-step support tool that guides users in detecting and removing malware, as well as updated controls for business accounts, which enable better management, auditing, and limiting of account administrator access. Meta also plans to launch Meta Work accounts later in the year, allowing business users to operate Business Manager without needing a personal account.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.