Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates.
Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the accounts of at least 36 Google Chrome extensions that provide AI and VPN services. The compromised extensions include “Bard AI Chat,” “ChatGPT for Google Meet,” “ChatGPT App,” “ChatGPT Quick Access,” “VPNCity,” “Internxt VPN,” and more, which are used by an estimated total of 2.6 million people.
Read more…
Source: Malwarebytes Labs
Related:
- Hackers struggle morally and economically over Coronavirus
April 9, 2020
With the Coronavirus pandemic in full swing, threat actors are torn about how they should operate during the pandemic, and like everyone else, are also seeing a downturn in the underground hacker marketplace. In mid-March, BleepingComputer asked numerous ransomware operators whether they would stop targeting health care companies during the Coronavirus pandemic. Some operators stated they would no ...
- Unique P2P Architecture Gives DDG Botnet ‘Unstoppable’ Status
April 9, 2020
The coin-mining botnet known as DDG has seen a flurry of activity since the beginning of the year, releasing 16 different updates over the course of the past three months. Most notably, its operators have adopted a proprietary peer-to-peer (P2P) mechanism that has turned the DDG into a highly sophisticated, “seemingly unstoppable” threat, according to ...
- Copycat Site Serves Up Raccoon Stealer
April 9, 2020
Someone is targeting web denizens with a malicious, copycat Malwarebytes website, which serves up the Raccoon information stealer malware to unsuspecting visitors. According to the security firm itself, the attackers set up the domain “malwarebytes-freecom” with a domain registrar in Russia in late March. “We don’t expect to hear from either the registrar or hosting provider,” ...
- FIN6 and TrickBot Combine Forces in ‘Anchor’ Attacks
April 7, 2020
Researchers say, two cybercriminal groups, FIN6 and the operators of the TrickBot malware, have paired up together to target several organizations with TrickBot’s malware framework called “Anchor.” The two threat groups joining forces is a “new and dangerous twist” in an existing trend of cybercrime groups working together, say researchers with IBM X-Force. The FIN6 group (also known as “ITG08”) has ...
- Email provider got hacked, data of 600,000 users now sold on the dark web
April 7, 2020
The data of more than 600,000 Email.it users is currently being sold on the dark web, ZDNet has learned following a tip from one of our readers. “Unfortunately, we must confirm that we have suffered a hacker attack,” the Italian email service provider said in a statement to ZDNet on Monday. The Email.it hack came to light on Sunday, ...
- Analysis: Suspicious “Very Hidden” Formula on Excel 4.0 Macro Sheet
April 6, 2020
A malicious Microsoft Excel 4.0 Macro sheet with a suspicious formula that is set as “Very Hidden” was submitted by a customer and further analyzed by Trend Micro researchers. The sheet is not readily accessible via the Microsoft Excel User Interface (UI) due to a feature documented in the Microsoft website that allows users to hide sheets. ...