When you’re being bombarded with info about the sexiest new tech of the year — that is, ChatGPT and other instances of generative AI — you should expect that someone’s going to attempt to do something scummy to take advantage of it.
And that, according to web giant Meta’s latest threat update, is exactly what’s happening. Among the ten new malware strains the platform has encountered so far this year, some were “posing as ChatGPT browser extensions and productivity tools”. New variants of malware called Ducktail and a new threat known as NodeStealer were also encountered.
Use caution with ChatGPT
Meta has, since March this year, removed more than 1,000 links to malware posing as ChatGPT browser extensions and apps. In some cases, those apps actually have some sort of AI integration, “likely to avoid suspicion from official web stores”. Their actual purpose is to harvest account credentials from the devices they’re installed on. That’s trouble if you’re logged into your personal accounts. In the case of business accounts, there’s great potential for disaster.
Compromised personal accounts often lead to compromised business accounts, according to Meta. More advanced malware that “[attempts] to evade two-factor authentication or [has] the ability to automatically scan for and detect connections between the compromised account and business accounts it might be linked to” has turned up for this purpose. Business accounts, specifically those that advertise on Meta’s platforms, tend to have credit card data linked to them. More attractive targets attract more determined threats.
You can find more detail on the behaviour of Ducktail, Nodestealer, and the ChatGPT impersonation threats on the company’s Malware Threat Landscape page.