This fake ChatGPT Chrome Extension could compromise your Facebook account

Google has removed a ChatGPT extension from the Chrome Web Store that was stealing Facebook cookies - but not until about 9,000 people had installed the malicious bot. 

The compromising extension is called Chat GPT (notice the odd space in the name of the extension), which is nearly identical in name and code to the actual extension, ‘ChatGPT for Google’. The Register noted that the fake extension is even based on the same open-source project used by the original ChatGPT for Google tool. This means the scammers behind the bad bot just had to drop a few new lines of cookie-stealing code to get the extension where they wanted it.

This of course creates a fake add-on that looks and behaves just like ChatGPT from the user's perspective and so can often go undetected - and since it was in the Chrome Web Store, there was no obvious reason to suspect it. We’ve recommended the original ChatGPT for Google Chrome extension in our previous articles and it’s sad to see such a helpful tool so quickly compromised by cookie thieves.

According to a blog post by Guardio Labs, this ‘FakeGPT’ variant seems to only have one malicious action post-installation. Once installed, the extension filters Facebook-related cookies from the full list acquired via the Chrome Extension API and smuggles those digital baked goods back to the attacker.

Once these cookies have been stolen, attackers can change account login info and lock original users out of their account, hijack pages to spread propaganda or promote further scams. Ever had a random message from a buddy asking for a large sum of money for a very dubious reason? Or had someone's page flooded with porn bots? Things like that.

The fake extension went up on the Chrome Web Store on February 14 this year and was promoted via search ads on March 14. So beware, and tell your AI chatbot buddies to keep an eye out for suspicious extension names. And remember, there are no official Chrome extensions for any of the big chatbots at this time.

The safest way to access ChatGPT is to go to the official site, and the same goes for any other chatbot provider.

How to identify and avoid fake ChatGPT extensions on Chrome

The ever-increasing, potentially permanent popularity of chatbots like ChatGPT, Google Bard and Microsoft Bing AI makes them incredibly attractive targets for cybercriminals - as our good friends at TechRadar Pro have noted. In the two months it’s been around, ChatGPT has gained an estimated 100 million active users and that number will only increase with time. 

If you’re still after the Google Extensions, always check the publisher of the extension before you download it. Does the publisher have other products on Chrome Web Store? If you search for them do they have a website or a social media presence? Ensuring your digital products come from a reputable source is half the battle when it comes to avoiding scams like this.

Once you’re certain the publisher is legit, double-check the permissions. Is it asking you for weird, maybe invasive permissions? A lot more than normal? If so, you’re better off dropping the extension. And lastly, if you’re getting bombarded by pop-ups, run. 
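
The permission check described above can also be run over extensions that are already installed. The following is an added example, not code from the original article or from Guardio Labs: it flags any extension manifest that requests the `cookies` permission together with host access that covers facebook.com. The function names and sample manifests are constructed for illustration, and it assumes cookie access is declared through the `cookies` permission.

```python
import json
import re
from pathlib import Path

def covers(pattern, domain="facebook.com"):
    """True if a Chrome match pattern can include hosts under `domain`."""
    if pattern == "<all_urls>":
        return True
    m = re.match(r"^(?:\*|https?)://([^/]+)/", pattern)
    if not m:
        return False  # an API name such as "storage", not a host pattern
    host = m.group(1)
    if host == "*":
        return True
    wildcard = host.startswith("*.")
    base = host[2:] if wildcard else host
    in_domain = base == domain or base.endswith("." + domain)
    return in_domain or (wildcard and domain.endswith("." + base))

def audit(manifest):
    """Return host patterns that, with `cookies`, expose Facebook cookies."""
    perms = manifest.get("permissions", []) + manifest.get("optional_permissions", [])
    # Manifest V2 lists hosts inside `permissions`; V3 uses `host_permissions`.
    hosts = perms + manifest.get("host_permissions", []) + manifest.get("optional_host_permissions", [])
    hits = [p for p in hosts if isinstance(p, str) and covers(p)]
    return hits if "cookies" in perms else []

def scan(ext_root):
    """Audit every <id>/<version>/manifest.json under an Extensions folder."""
    report = {}
    for path in Path(ext_root).glob("*/*/manifest.json"):
        try:
            hits = audit(json.loads(path.read_text(encoding="utf-8-sig")))
        except (OSError, ValueError, TypeError, AttributeError):
            continue  # unreadable or malformed manifest: skip it
        if hits:
            report[path.parent.parent.name] = hits
    return report

# Constructed sample manifests (not taken from any real extension).
BROAD_V3 = {"manifest_version": 3, "permissions": ["cookies", "storage"], "host_permissions": ["https://*/*"]}
TARGETED_V2 = {"manifest_version": 2, "permissions": ["cookies", "*://*.facebook.com/*"]}
UNRELATED = {"manifest_version": 3, "permissions": ["cookies"], "host_permissions": ["https://*.example.org/*"]}

if __name__ == "__main__":
    for sample in (BROAD_V3, TARGETED_V2, UNRELATED):
        print(sample["permissions"], "->", audit(sample) or "no Facebook cookie access")
```

`scan()` takes the path of a Chrome profile's `Extensions` folder, whose location depends on the operating system. A hit is a prompt to review the extension, since legitimate tools can also request this combination.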

Muskaan Saxena
Computing Staff Writer
