Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI’s ChatGPT as a lure to propagate about 10 malware families since March 2023.
The development comes against the backdrop of fake ChatGPT web browser extensions being increasingly used to steal users’ Facebook account credentials with an aim to run unauthorized ads from hijacked business accounts.
“Threat actors create malicious browser extensions available in official web stores that claim to offer ChatGPT-based tools,” Meta said. “They would then promote these malicious extensions on social media and through sponsored search results to trick people into downloading malware.”
