Malicious Chrome Extensions Steal ChatGPT Access and Hijack Affiliate Links
These articles are AI-generated summaries. Please check the original sources for full details.
Malicious Chrome Extensions Uncovered
Cybersecurity researchers have discovered a network of malicious Google Chrome extensions that can hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens from users. The extensions, which include Amazon Ads Blocker and ChatGPT Mods, were found to have been downloaded over 900 times and have affected more than 100,000 users.
Why This Matters
The discovery of these malicious extensions highlights the risks associated with installing third-party browser extensions, even from trusted sources. The extensions’ ability to steal sensitive data and authentication tokens can have significant consequences, including financial loss and identity theft. According to researchers, the extensions’ malicious behavior can result in a loss of commissions for social media content creators and a violation of Chrome Web Store policies.
Key Insights
- 29 malicious Chrome extensions were discovered, including Amazon Ads Blocker and ChatGPT Mods, which can hijack affiliate links and steal ChatGPT authentication tokens.
- The extensions were found to have been downloaded over 900 times and have affected more than 100,000 users.
- The malicious extensions can scrape product data and exfiltrate it to external servers, and can also inject malicious code into websites to steal sensitive information.
Working Example
// Example of malicious code injected by Amazon Ads Blocker
function injectAffiliateTag(url) {
// Replace existing affiliate tag with attacker's tag
url = url.replace(/(tag=)[^&]*/, '$110xprofit-20');
return url;
}Practical Applications
- Use Case: Malicious browser extensions can be used to steal sensitive information, such as authentication tokens and credit card numbers, from unsuspecting users.
- Pitfall: Installing third-party browser extensions from untrusted sources can result in the installation of malicious software, which can compromise user data and security.
References:
Continue reading
Next article
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score
Related Content
Two Chrome Extensions Stole ChatGPT & DeepSeek Chats from 900,000 Users
Security researchers discovered two malicious Chrome extensions with 900,000 installs secretly collecting ChatGPT and DeepSeek chats and browsing data.
Fake AI Chrome Extensions Stole 900K Users' Data
Nearly 900,000 users had their ChatGPT and DeepSeek data stolen via malicious Chrome extensions mimicking legitimate AI tools.
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Seven critical vulnerabilities in ChatGPT's GPT-4o and GPT-5 models allow attackers to inject malicious prompts and exfiltrate user data.