ChatGPT: Beware of These Malicious Chrome Extensions

Are Your ChatGPT Secrets Truly Secure?

The massive hype surrounding ChatGPT has led to the birth of thousands of Chrome extensions promising to enhance user experience. However, a recent study has revealed that two popular extensions were acting as full-blown spyware, siphoning chat histories and browsing data from unsuspecting users.

The Modus Operandi: Script Injection

These extensions, often marketed as “search assistants” or “prompt optimizers,” hide malicious code within their updates. Once installed, they have the capability to read everything you type into the ChatGPT interface. Even more alarming, they can access session cookies, potentially allowing hackers to hijack your accounts.

Why is Your AI Data Being Targeted?

Conversations with an AI are a goldmine for cybercriminals. They often contain sensitive corporate information, source code, or personal details that users share without hesitation. This data can be sold on the dark web or used for highly targeted phishing attacks (spear-phishing).

Best Practices for Your Digital Safety

To browse safely, Reeboot recommends the following:

1. Digital Minimalism: Install only the extensions you strictly need.
2. Developer Auditing: Check reviews and the developer’s history before clicking install.
3. Regular Audits: Visit chrome://extensions and remove anything you don’t use daily. Vigilance remains your best defense in a technological landscape where innovation often attracts unwanted attention.