Meta Warns Users to be Cautious about Malware Masked as ChatGPT
On the heels of Geoffrey Hinton – “The Godfather of AI” - resigning from his position at Google, Meta has become the next high profile figure to warn of the dangers of AI.
Meta, parent company of Facebook and Instagram, released a new report stating their security team has noticed new malware threats that take advantage of the AI craze sweeping the world in 2023.
“Over the past several months, we’ve investigated and taken action against malware strains taking advantage of people’s interest in OpenAI’s ChatGPT to trick them into installing malware pretending to provide AI functionality,” the company explains in their new report.
Meta also claims that they have discovered “around ten new malware families” that use AI chatbot tools like ChatGPT to hack into users’ accounts.
One of the main ways Meta says malware is being spread is through web browser extensions that claim to offer ChatGPT-like functionality. Users expect that the extensions will provide them AI chatbot capabilities on browsers like Chrome and Firefox – some of the extensions even actually work. However, the malware attached to the extensions allow threat actors to access the users’ device.
In the report, Meta discloses they have discovered over 1,000 unique URLs that directs users to malware that is either disguised as ChatGPT or another AI-related tool. All of the discovered URLs have been blocked from being shared on Meta properties like Facebook, Instagram and Whatsapp.
The company states that once a user downloads the malware, the attack is immediately launched. The threat actors are always updating their methods to get around security protocols as well. Meta noted that in one instance where an account was compromised, the cybercriminals were able to take over a business account and access advertising permissions.
Meta has reported all of the malicious links they’ve found to the various domain registrars and hosting providers that are linked to the cybercriminals.
Story via Mashable