A Chrome Extension propelling quick access to fake ChatGPT functionality was found to be hijacking Facebook accounts and installing hidden account backdoors. Particularly noticeable is the use of a malevolent silently forced Facebook app “backdoor” giving the threat actors super-admin permissions.
By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus. This allows it to push Facebook paid ads at the expense of its victims in a self-propagating worm-like manner.
Following Guardio’s report regarding this malicious extension to Google, the extension is now removed from Chrome’s store.