Reports state that since its appearance on March 3, 2023, this extension has been installed by more than 2000 users daily. “Not only this malicious extension is free-roaming on the official Chrome store, but it is also abusing Facebook’s official applications API in a way that should have triggered policy enforcers’ attention already,” Guardio Labs. This enables the extension to utilize Meta’s Graph API for developers, giving the threat actor rapid access to your details and the ability to perform activities on your behalf from within your Facebook account via straightforward API calls. This is important since, in most circumstances, the browser already has an active and authenticated session with nearly all your daily services, such as Facebook. This is precisely what the extension promises.Īs a result, it can send any request to any other service, just as if the browser owner were the one requesting the first place. From malvertising, extension installation, hijacking Facebook accounts, and back again to propagationĪfter you click on the extension icon after it has been installed, a small popup window with a prompt to ask ChatGPT whatever you want appears.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |