Facebook emphasized the surge in malware masquerading as ChatGPT

On May 3rd, social media titan Facebook’s security team released a Q1 quarterly security report, detailing their efforts and accomplishments in safeguarding businesses from malicious software attacks. In the report, Facebook emphasized the surge in malware masquerading as ChatGPT.

Facebook’s Chief Information Security Officer, Guy Rosen, stated in the press release that malware operators, much like spammers, are keenly aware of popular trends at all times. They invariably seize upon current hot topics to capture public attention. Facebook has observed that the latest wave of malicious software activity has begun to exploit generative artificial intelligence technology as bait.

An example of malware hosted on a third-party website disguised as a ChatGPT download.

According to the report, since October alone, Facebook’s security analysts have identified approximately ten malware families impersonating ChatGPT and similar tools. Some threat actors disguise their malware as ChatGPT browser extensions in official stores, claiming to offer ChatGPT-related utilities (some of which do indeed provide ChatGPT functionality, likely to deceive platforms and users).

Facebook has detected and blocked over 1,000 malicious URLs sharing these extensions within its applications, reporting them to industry peers hosting the malicious software on their file-sharing services, allowing them to take appropriate action.

It is important to recognize that this issue is not unique to the generative AI domain; it is merely a new iteration of an old problem—previously, the trend involved cryptocurrency scams related to decentralized digital currencies.

  1. To determine whether one has fallen victim to such schemes, typical indicators include:
  2. Suspicious activity on online accounts;
  3. The noticeable slowdown in device performance;
  4. Unfamiliar toolbars, icons, or tabs in the browser;
  5. Scam pop-up windows in the browser;
  6. Decreased device battery life.

If any of these abnormal behaviors are detected on a device or online account, it is likely that malware has been inadvertently downloaded. To protect personal information and financial security, it is advised to promptly remove the malicious software from the device and scan it with a reliable antivirus program.