More threat actors have been leveraging ChatGPT lures to facilitate malware distribution on Facebook, WhatsApp, and Instagram, with Facebook parent firm Meta noting the emergence of 10 malware families using ChatGPT since March, TechCrunch
Malicious browser extensions purporting to offer ChatGPT-based tools have been used by Vietnamese threat actors to deploy the DuckTail malware, which has browser cookie exfiltration and Facebook session-hijacking capabilities, noted Meta security engineers Duc Nguyen and Ryan Victory.
Individuals behind DuckTail have already been sent a cease-and-desist by Meta. Moreover, Meta was also able to dismantle the NodeStealer information-stealing malware
, which has also been linked to Vietnamese threat actors, through takedown requests sent to hosting providers and domain registrars.
"These actions led to a successful disruption of the malware. We have not observed any new samples of malware in the NodeStealer family since February 27 of this year and continue monitoring for any potential future activity," Nguyen and Victory said.