Hackers are increasingly using malware diguised as ChatGPT, as well as other generative chatbots and neural networks to lure victims to social networks. Attackers are exploiting people’s interest in artificial intelligence to trick gullible Facebook, Instagram, and WhatsApp users into stealing their credentials, Meta noted in the report.
According to the paper, Meta documented an increase in the number of scammers using ChatGPT and other AI projects as bait. In March and April 2023 alone, the company discovered 10 malware families exploiting ChatGPT and other neural networks to deceive users. One case involved a browser extension allegedly offering tools based on ChatGPT, the company said. The malicious extension was available in official Web stores and promoted through social media to find victims.
Among the malware, Meta noted DuckTail and NodeStealer as particularly common in this way. DuckTail is an infostealer that has been actively used in attacks against Facebook users since 2021. The malware is capable of stealing browser cookies as well as hijacking Facebook login sessions. After a successful attack, hackers can gain access to account information, geolocation, and two-factor authentication codes, as well as hijack the victim’s business account controls.
The second malware, NodeStealer, was discovered relatively recently, in January. It works in a similar way to DuckTail, but in addition to Facebook, it can also compromise Gmail and Microsoft Outlook accounts.
Meta has already taken countermeasures
According to the company, Meta is already actively fighting the practice of using AI as bait. In one case, for example, it took action within two weeks of detecting the malware in conjunction with domain registrars and hosting providers to remove the software. After that, NodeStealer no longer bothered users.
In addition, Meta implemented security features designed to help counter cyberattacks on users with business accounts. Among other things, the company noted a new support tool, additional controls, and launch of Facebook at Work accounts not requiring a personal account to work with Business Manager.