ChatGPT Browser Extension Hijacks Facebook Business Accounts
Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store.
Stay secure online with the latest browser extension updates, reviews, and threat alerts in information security. Protect your data with us.
Search across headline titles and summaries.
Background for this topic.
Browser extensions are small software add-ons that enhance or modify web browser functionality, such as blocking ads, managing passwords, or customizing page content. They operate within the browser environment and often require explicit permissions to access user data, browsing activity, or webpage content. Extensions are typically installed from official browser stores or third-party sources.
From a security perspective, extensions can pose risks if granted excessive permissions or sourced from untrusted developers. Malicious or compromised extensions may intercept sensitive information, inject harmful scripts into web pages, or enable tracking beyond normal browser capabilities. Security practitioners should carefully evaluate extension permissions, restrict installations to trusted sources, and ensure timely updates to mitigate risks related to data leakage, unauthorized access, or persistent browser compromise.
Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store.