Home > Tech

Meta warns Facebook users about malware disguised as ChatGPT

Malicious actors are weaponizing the hype around AI tools.
 By 
Matt Binder
 on 
Share on Facebook Share on Twitter Share on Flipboard
Meta logo with user on mobile device
A new report from Meta warns about malware disguised as AI tools. Credit: Rafael Henrique/SOPA Images/LightRocket via Getty Images

AI tools are all the rage right now. Everyone is obsessed with it…even hackers.

According to a new report from Facebook parent company Meta, the company's security team has been tracking new malware threats, including ones that weaponize the current AI trend.

"Over the past several months, we’ve investigated and taken action against malware strains taking advantage of people’s interest in OpenAI’s ChatGPT to trick them into installing malware pretending to provide AI functionality," Meta writes in a new security report released by the company.

You May Also Like

Meta claims that it has discovered "around ten new malware families" that are using AI chatbot tools like OpenAI's popular ChatGPT to hack into users' accounts.

One of the more pressing schemes, according to Meta, is the proliferation of malicious web browser extensions that appear to offer ChatGPT functionality. Users download these extensions for Chrome or Firefox, for example, in order to use AI chatbot functionality. Some of these extensions even work and provide the advertised chatbot features. However, the extensions also contain malware that can access a users' device.

According to Meta, it has discovered more than 1,000 unique URLs that offer malware disguised as ChatGPT or other AI-related tools and has blocked them from being shared on Facebook, Instagram, and Whatsapp. 

According to Meta, once a user downloads malware, bad actors can immediately launch their attack and are constantly updating their methods to get around security protocols. In one example, bad actors were able to quickly automate the process which takes over business accounts and provides advertising permissions to these bad actors.

Meta says it has reported the malicious links to the various domain registrars and hosting providers that are used by these bad actors.

In their report, security researchers at Meta also dive into the more technical aspects of recent malware, such as Ducktail and NodeStealer. That report can be read in full.


Topics Cybersecurity Facebook Meta ChatGPT

Mashable Potato
Recommended For You
Everything you need to know about the malware stealing data from Mac users
By Matt Binder
MacBook in the dark using Terminal
Popular Chrome extension disabled for containing malware
By Matt Binder
Google Chrome logo
ChatGPT GPT-4o users are raging at OpenAI on Reddit right now
By Matt Binder
ChatGPT GPT-4o
FBI investigates Steam games with hidden malware
By Matt Binder
Steam logo on laptop
Meta 'Supreme Court' wants your take on banning users
By Chris Taylor
The Meta logo, white on blue, with blurred figures passing by.
Trending on Mashable
NYT Connections hints today: Clues, answers for April 3, 2026
By Mashable Team
Connections game on a smartphone
Wordle today: Answer, hints for April 3, 2026
By Mashable Team
Wordle game on a smartphone
AirDrop on Pixel: Every Google smartphone that supports the Apple feature
By Alex Perry
Google Pixel 10 against blue background
What's new to streaming this week? (April 3, 2026)
By Belen Edwards and Kristy Puchko
A composite of images from film and TV streaming this week.
NYT Connections hints today: Clues, answers for April 2, 2026
By Mashable Team
Connections game on a smartphone
The biggest stories of the day delivered to your inbox.
These newsletters may contain advertising, deals, or affiliate links. By clicking Subscribe, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up. See you at your inbox!