Meta’s security team has warned that hackers are exploiting increased public interest in ChatGPT and similar generative AI chatbots to spread novel malware on its platform and take over accounts.
In its Q1 security report, the team said threat actors are exploiting people’s interest in AI chatbots such as OpenAI’s ChatGPT and Google’s Bard to trick people into installing malicious applications.
The campaign follows a predictable trend of bad actors exploiting high-engagement topics, such as cryptocurrency and now ChatGPT, to distribute malware.
“This is not unique to the generative AI space,” Meta’s security report stated. “As an industry, we’ve seen this across other topics popular in their time, such as crypto scams fueled by the interest in digital currency.”
Hackers use ChatGPT-themed malware to take over online accounts
Since March 2023, Meta has discovered, blocked, and reported over 1,000 unique ChatGPT-themed malicious web addresses.
While some malicious applications claiming to offer ChatGPT-based tools have working features, they also include malicious code that infects users’ devices.
“For example, we’ve seen threat actors create malicious browser extensions available in official web stores that claim to offer ChatGPT-related tools,” Meta researchers Duc H Nguyen and Ryan Victory said in a blog post. “In fact, some of these malicious extensions did include working ChatGPT functionality alongside the malware.”
According to the Meta security report, the ChatGPT-themed malicious applications stole saved credentials to hijack accounts and run unauthorized ads.
Ducktail and NodeStealer disguised as ChatGPT applications
Meta discovered 10 malware strains, including Ducktail and NodeStealer, that impersonated ChatGPT or similar tools and spread across its social networks.
“As the world continues to embrace artificial intelligence’s groundbreaking potential, cybercriminals target popular websites, social media, and the latest tools to exploit their popularity to steal users’ data and further attack their trusted connections,” said James McQuiggan, security awareness advocate at KnowBe4. “As seen with cryptocurrency interest, the rapid increase of new technology creates a breeding ground for scams and malicious activities.”
According to the researchers, Ducktail malware hijacked logged-in sessions, browser cookies, account information, location data, and two-factor authentication codes to compromise accounts and access Facebook ad accounts.
Meta attributed the Ducktail malware to Vietnamese threat actors, whom it served with cease-and-desist letters and reported to relevant law enforcement authorities.
Similarly, NodeStealer extracted saved login information to compromise online accounts such as Facebook, Gmail, and Outlook by targeting browsers on the Windows operating system.
“NodeStealer is custom written in JavaScript and bundles the Node.js environment,” Meta said. “We assessed the malware to be of Vietnamese origin and distributed by threat actors from Vietnam.”
The Facebook, Instagram, and WhatsApp parent company believes its quick actions prevented hackers from victimizing more users.
For example, Meta discovered the NodeStealer malware strain within two weeks of it being deployed and helped victims recover their compromised accounts.
“These actions led to a successful disruption of the malware,” Meta researchers wrote. “We have not observed any new samples of malware in the NodeStealer family since February 27 of this year and continue monitoring for any potential future activity.”
Additionally, Meta reported the associated malicious domains to registrars and hosting companies, which undermined the hackers’ ability to distribute malware.
However, Meta observed that hackers frequently updated their tactics to evade detection. For example, they began using link shorteners to hide the malicious link destinations and circumvent automated ad review systems.
Similarly, they pivoted to other themes, such as impersonating Google’s Bard and TikTok support or claiming to offer pirated software, movies, or Windows utilities.
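The link-shortener evasion and the theme pivots described above point to a straightforward defender-side countermeasure: an ad or link review should resolve the full redirect chain and judge the final destination, not the shortened link that was submitted. The following Python is an added example and not Meta’s code. The shortener list, brand allowlist, lure keywords and redirect table are constructed for the demonstration; the redirect table stands in for the HTTP 30x responses a real resolver would follow with a bounded hop count.

```python
"""Added example (not Meta's code): expand shortened links before reviewing them.

A shortener hides the destination from a reviewer that only inspects the
submitted URL. This resolver follows the redirect chain with a hop limit and
loop detection, then applies simple checks to the final destination.
"""
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Hosts treated as link shorteners (constructed list for the example).
SHORTENER_HOSTS = {"bit.ly", "t.co", "tinyurl.com", "short.example"}

# Lure themes named in the report, used as keyword heuristics on the final host.
LURE_KEYWORDS = ("chatgpt", "openai", "bard", "tiktok")

# Legitimate domains for those brands (assumption for the example).
ALLOWLIST = {"openai.com", "bard.google.com", "tiktok.com"}

# File extensions that should never be the final destination of a chatbot ad.
DOWNLOAD_EXTENSIONS = (".exe", ".msi", ".zip", ".rar")

# Constructed redirect table standing in for real HTTP Location headers.
REDIRECTS = {
    "https://short.example/ai1": "https://bit.ly/xyz",
    "https://bit.ly/xyz": "https://chatgpt-desktop-app.example/download.exe",
    "https://short.example/loop": "https://tinyurl.com/loop",
    "https://tinyurl.com/loop": "https://short.example/loop",
    "https://short.example/ok": "https://chat.openai.com/",
}

MAX_HOPS = 5


@dataclass
class Verdict:
    final_url: str
    chain: list = field(default_factory=list)
    reasons: list = field(default_factory=list)

    def flagged(self) -> bool:
        return bool(self.reasons)


def host_of(url: str) -> str:
    # urlparse lowercases the hostname for us.
    return urlparse(url).hostname or ""


def expand(url: str, redirects=REDIRECTS, max_hops: int = MAX_HOPS):
    """Follow redirects until a URL that does not redirect; return (chain, error)."""
    chain = [url]
    seen = {url}
    while chain[-1] in redirects:
        if len(chain) - 1 >= max_hops:
            return chain, "too_many_hops"
        nxt = redirects[chain[-1]]
        chain.append(nxt)
        if nxt in seen:
            return chain, "redirect_loop"
        seen.add(nxt)
    return chain, None


def is_allowlisted(host: str) -> bool:
    return any(host == d or host.endswith("." + d) for d in ALLOWLIST)


def is_lookalike(host: str) -> bool:
    """A brand keyword in a host that is not the brand's own domain."""
    return any(k in host for k in LURE_KEYWORDS) and not is_allowlisted(host)


def review(url: str) -> Verdict:
    """Review the final destination of a submitted link, not the link itself."""
    chain, err = expand(url)
    final_url = chain[-1]
    reasons = []
    if err is not None:
        # A chain that cannot be resolved cannot be vouched for.
        reasons.append("unresolvable_redirect")
    else:
        host = host_of(final_url)
        if is_lookalike(host):
            reasons.append("lookalike_domain")
        if urlparse(final_url).path.lower().endswith(DOWNLOAD_EXTENSIONS):
            reasons.append("executable_download")
    return Verdict(final_url=final_url, chain=chain, reasons=reasons)


if __name__ == "__main__":
    for submitted in ("https://short.example/ai1", "https://short.example/ok",
                      "https://short.example/loop", "https://bard-gift.example/"):
        v = review(submitted)
        print(submitted, "->", v.final_url, "flagged" if v.flagged() else "ok", v.reasons)
```

In a real review pipeline the `REDIRECTS` lookup would be replaced by issuing the request and reading the `Location` header at each hop, keeping the same hop limit and loop detection; the allowlist check is what keeps a genuine `chat.openai.com` landing page from being caught by the keyword heuristic.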
“ChatGPT was used as an island hop,” said Tom Kellermann, SVP of cyber strategy at Contrast Security. “Once again, APIs have become the new attack vector.”
Additionally, the hackers started leveraging smaller but trusted services such as Buy Me a Coffee to host and distribute malicious applications.
“These changes are likely an attempt by threat actors to ensure that any one service has only limited visibility into the entire operation.”
Seemingly, the hackers’ ability to leverage multiple services in a single campaign is undermining Meta’s ability to curb the spread of malware on its platforms.