Chrome Extension Impersonating ChatGPT Found to be Stealing Facebook Accounts

  • Written by Ari Denial, Cybersecurity & Tech Writer

A malicious Chrome extension named Chat-GPT has been found to extract sensitive information from Facebook accounts and generate unauthorized admin accounts to spread malicious software, according to Nati Tal, a researcher at Guardio Labs.

The malicious actors achieve this by utilizing two fake Facebook applications, “portal” and “msg_kig”, which serve as backdoors to gain complete control over the targeted profiles. The process of adding these applications to the victim’s Facebook accounts is automated.

Tal stated that the threat actor builds a group of powerful Facebook bots and a malevolent paid media network by taking control of prominent business accounts on the platform. Through this tactic, the threat actor is able to promote Facebook paid ads while exploiting its victims, which in turn spreads the malware in a self-perpetuating, worm-like fashion.

After hijacking the Facebook business accounts, the threat actors utilize them to advertise the malware, thereby propagating the scheme and expanding the network of compromised accounts.

The incident shows how threat actors are exploiting the popularity of OpenAI’s ChatGPT by creating fake versions of the chatbot. Unsuspecting users are being tricked into installing these fake versions.

In a separate incident last month, Cyble uncovered a social engineering campaign that utilized an unauthorized ChatGPT social media page. The page directed users to malicious domains where they unknowingly downloaded information stealers such as RedLine, Lumma, and Aurora.

In addition to the fake ChatGPT extension for Chrome, fraudulent ChatGPT applications have been observed distributing SpyNote malware to users’ devices via the Google Play Store and other third-party Android app stores.

Google removed the “Quick access to Chat GPT” extension from the Chrome Web Store after it was reported to have gained 2,000 daily installations. This was confirmed by Nati Tal, a researcher at Guardio Labs.

AT&T Alerts 9 Million Customers of Data Breach Following Vendor Hack

  • Written by Ari Denial, Cybersecurity & Tech Writer

AT&T has revealed that an unauthorized individual accessed the Customer Proprietary Network Information (CPNI) of approximately 9 million wireless customers via a vendor’s system. The affected customers are being notified by AT&T of the data breach.

The company has disclosed that the CPNI of some wireless accounts was exposed in the breach, including details such as the number of lines on an account or wireless rate plan.

It has been clarified that the exposed information did not include sensitive personal data such as Social Security Numbers, credit card information, or account passwords. The affected customers are being notified of the breach by AT&T.

The exposed CPNI data reportedly includes the first names of customers, email addresses, wireless phone numbers, and wireless account numbers.

According to AT&T, a small percentage of affected customers also had their rate plan name, monthly payment amount, past due amount, various monthly charges, and minutes used exposed in the breach. The company has stated that the exposed information was several years old.

AT&T’s own systems were not directly compromised in the vendor security incident that led to the data breach. The company clarified that the exposed data is mostly associated with device upgrade eligibility.

AT&T has stated that it has notified federal law enforcement agencies about the unauthorized access of its customers’ CPNI data, as required by the Federal Communications Commission. The company has also informed the affected customers about the breach through CPNI breach notification letters.

AT&T is advising its customers to toggle off CPNI data sharing on their accounts to reduce exposure risks in the future. Customers can make a CPNI Restriction Request to limit the sharing of their CPNI data for third-party vendor marketing purposes. This will help prevent unauthorized access to their data through third-party vendors in the future.