Meta has uncovered about ten new malware variants that leverage AI chatbot tools, such as OpenAI’s ChatGPT, to gain access to user accounts. It lured users into downloading malicious apps and browser extensions, the company’s security report noted.
Since March, the company found more than 1,000 malicious links that were promoted as tools featuring the popular artificial intelligence-powered chatbot.
The social media giant said that attackers distributing the DuckTail malware have moved to AI-themed lures in an attempt to compromise businesses with access to Facebook ad accounts. In some cases, the malware delivered working ChatGPT functionality alongside abusive files.
Meta also noted a new malware it discovered in January called NodeStealer that targeted Windows-based browsers to steal cookies and saved login credentials to compromise Facebook, Gmail, and Microsoft Outlook accounts.
A Reuters report noted that Meta Chief Information Security Officer Guy Rosen said that for bad actors, “ChatGPT is the new crypto.” The report further said that Rosen and other Meta executives informed that Meta was preparing its defenses for potential abuses linked to generative AI technologies like ChatGPT, which can create human-like writing, music, and art.
The company took early action against the malware. It noted that there were no new samples of malware in the NodeStealer family since February 27, 2023. The social media giant has added new features to help business users of its products to escape malware attacks. TechCrunch reported that the company is also set to launch Facebook at Work accounts later this year for businesses to log ing and operate Business Manager.