16 Fake ChatGPT Extensions Caught Hijacking User Accounts

A coordinated campaign of 16 malicious GPT optimisers has been caught hijacking ChatGPT accounts. These tools steal session tokens to access private chats, Slack, and Google Drive files.

A group of 16 malicious browser extensions has been caught masquerading as ChatGPT productivity aids in an attempt to hijack user accounts. Discovered by the research firm LayerX Security, these add-ons don’t try to break into ChatGPT itself but wait for a user to log in and then snatch their digital credentials.

The campaign involves at least 16 distinct extensions, all developed by the same threat actor. This seems to be a calculated move to ensure wider reach and keep the campaign alive in case one version was flagged, as others will find their way onto users’ computers.

While the campaign has seen roughly 900 downloads so far, a figure LayerX researchers call a “drop in the bucket” compared to massive ...