The National Telecom and Information Technology Security Board has issued a cybersecurity advisory against hackers targeting Pakistanis who use browser extensions like ChatGPT-4, Gemini for Chrome, and over a dozen other tools to steal private data of Pakistanis.
The advisory warns users, particularly those relying on virtual private networks (VPNs) and artificial intelligence, of increased risks from hackers employing fake techniques to inject malicious code.
The advisory states that malicious code is sent through phishing techniques in order to compromise targeted publishers of legitimate extensions to steal users’ PII using said extensions. At least 16 common extensions (including VPNs and AI ChatBots) are suspected to be compromised:
- AI Assistant – ChatGPT and Gemini for Chrome
- Bard AI Chat Extension
- GPT 4 Summary with OpenAI
- Search CoPilot AI Assistant for Chrome
- Wayin AI
- VPNCity
- Internet VPN
- Vidniz Flex Video Recorder
- VidHelper Video Downloader
- Bookmark Favicon Changer
- UVoice
- Reader Mode
- Parrot Talks
- Primus
- Trackker – Online Keylogger Tool
- AI Shop Buddy
- Rewards Search Automation etc.
The advisory recommends to:
- Avoid the above-mentioned extensions for the time being and use alternate well-reputed options
- Only install trusted extensions
- Read and review permissions and ratings
- Limit permissions where possible
- Regularly update extensions
- Remove unused extensions
- Use well-reputed and licensed ANtivirus software
- Be wary of free extensions
- Actively monitor system utilities and data usage for abnormal activity.
