Cybercriminals are leveraging the growing popularity of ChatGPT to disseminate malware through hijacked Facebook accounts, according to a report by cyber intelligence firm CloudSEK. The investigation found 13 Facebook pages or accounts, some with Indian content, with a combined following of over 500,000 that had been compromised and were being used to distribute malware via Facebook ads.
CloudSEK’s cyber intelligence analyst Bablu Kumar stated, “Cybercriminals are capitalizing on the popularity of ChatGPT, exploiting Facebook’s vast user base by compromising legitimate Facebook accounts to distribute malware via Facebook ads, putting users’ security at risk.”
The report reveals that cybercriminals are using authentic Facebook accounts to spread malware, taking advantage of the social media giant’s extensive user base. The compromised pages have been hijacked since February 2023. CloudSEK urges users to remain vigilant and to be aware of such malicious activities on the platform.
Furthermore, CloudSEK has identified at least 25 websites that are impersonating the OpenAI website. These malicious sites trick users into downloading and installing harmful software, posing a significant threat to their privacy and security.
According to Kumar, the malware is not only capable of stealing sensitive information such as PII, system information, and credit card details but can also spread through removable media. Additionally, it can escalate privileges and persistently remain on the system, posing a severe risk to users.
In conclusion, it is crucial for users to be cautious and proactive in securing their online presence. It is essential to remain vigilant and avoid clicking on suspicious ads or links. Keeping antivirus software updated and installing the latest security patches are also recommended to safeguard devices from malware and cyber threats.