Meta Warns of Fake ChatGPT Tools Containing Malware
Meta has released a report stating that cybercriminals are increasingly spreading malware via fake ChatGPT tools across Facebook, Instagram, and WhatsApp. Attackers are taking advantage of the popularity of the AI chatbot to lure unsuspecting users into downloading malicious browser extensions that can compromise their personal accounts. Since March this year, Meta's security teams have identified 10 malware families using the chatbot’s branding.
In the blog post, Meta's security engineers described how threat actors are advertising these fake extensions on social media and through sponsored search results to trick individuals with an interest in ChatGPT.
DuckTail is one malware family that has targeted Facebook users since 2021, stealing their browser cookies and taking over their active Facebook sessions. By doing so, it gains access to personal information such as account details, location data, and two-factor authentication codes. The malware also enables the threat actor to hijack any Facebook Business accounts the victim can access.
Hackers distributing the DuckTail malware have started using these AI-themed lures to specifically target businesses with Facebook ad accounts, making it easier for them to compromise the accounts.
Meta has traced DuckTail to threat actors based in Vietnam. The company has issued cease-and-desist letters to the individuals responsible for the operation and informed law enforcement.
Another malware, NodeStealer, has also been identified by the social media site. Discovered in January, NodeStealer targets Windows-based browsers and aims to steal cookies and saved login information to access Facebook, Gmail, and Microsoft Outlook accounts.
Meta responded swiftly to the discovery of the NodeStealer malware by submitting takedown requests with domain registrars and hosting providers. These efforts proved to be successful in disrupting the malware, and Meta has not observed any new samples in the NodeStealer family since 27th February.
New features have been introduced to assist Meta business users in defending against malware attacks. This includes a step-by-step support tool that guides users in detecting and removing malware, as well as updated controls for business accounts, which enable better management, auditing, and limiting of account administrator access. Meta also plans to launch Meta Work accounts later in the year, allowing business users to operate Business Manager without needing a personal account.