Facebook accounts hijacked by new malicious ChatGPT Chrome extension

Rasheed187 · May 27, 2023

I seriously don't get it. I remember in some other topic about rogue extensions we discussed about the capabilities that extensions have, but if I understood correctly any extension can hijack or steal cookies? How is this not fixed yet by the big browser developers, or am I missing something?

Upon the extension's installation, malicious code uses the OnInstalled handler function to steal Facebook session cookies.

These stolen cookies allow the threat actors to log in to a Facebook account as the user and gain full access to their profiles, including any business advertising features.

The malware abuses the Chrome Extension API to acquire a list of Facebook-related cookies and encrypts them using an AES key. It then exfiltrates the stolen data via a GET request to the attacker's server.
Click to expand...

https://www.bleepingcomputer.com/ne...ed-by-new-malicious-chatgpt-chrome-extension/

Rasheed187 · Jun 10, 2023

Here is another malicious extension with 2FA bypassing capabilities. This extension was however installed by malware and not available directly via the Chrome Webstore.

Hackers use Rilide browser extension to bypass 2FA, steal crypto

Security researchers discovered a new malicious browser extension called Rilide, that targets Chromium-based products like Google Chrome, Brave, Opera, and Microsoft Edge. The malware is designed to monitor browser activity, take screenshots, and steal cryptocurrency through scripts injected in web pages.
Click to expand...

https://www.bleepingcomputer.com/ne...browser-extension-to-bypass-2fa-steal-crypto/

Log in or Sign up

Facebook accounts hijacked by new malicious ChatGPT Chrome extension

Rasheed187 Registered Member

Rasheed187 Registered Member

Log in or Sign up

Facebook accounts hijacked by new malicious ChatGPT Chrome extension

Rasheed187 Registered Member

Rasheed187 Registered Member

Useful Searches