Skip to main content
  1. Home
  2. Computing
  3. News

Beware: many ChatGPT extensions and apps could be malware

Alan Truly
By

ChatGPT fever has overtaken the internet, and rightly so since it’s such a powerful new tool. Unfortunately, the most sought-after content is often fertile ground for hackers and scammers.

In a recent video, cybersecurity-focused YouTuber John Hammond warned that many ChatGPT extensions and apps could contain malware. It’s a valid point, and we should all use caution when installing desktop browser add-ons and mobile apps.

OpenAI's ChatGPT blog post is open on a computer monitor, taken from a high angle.
Photo by Alan Truly

When you visit a webpage, such as ChatGPT, you know who can access the information you provide. OpenAI is a known quantity that most people respect, even if there is some concern about the rapid pace of OpenAI’s updates to the public.

Recommended Videos

The privacy policies of browser extensions and apps vary dramatically, however. Even more alarming, regardless of the privacy claims, you might not recognize the developer or know whether they are trustworthy. It’s easy to claim your information will not be shared or sold, but who will enforce that policy?

Related

Hammond notes that it goes deeper than the information you might voluntarily provide to the extension or app. Hackers have ways of bypassing security features, particularly when doing so with software you’ve installed on your device.

Citing a recent Guardio report on a fake ChatGPT Chrome extension, Hammond explains that the extension contained malware that used a backdoor to access Facebook account information.

By stealing numerous Facebook accounts, the malware created bots that made advertisements promoting the extension. The ads drove traffic to the extension, generating more bots that posted more ads.

The goal of the self-replicating malware was to collect user information to sell on the dark web. Google took down the extension, but another soon popped up, and the battle against malware is seemingly unending.

Most ChatGPT Extensions Are Just Malware

The critical takeaway from the video is to be careful with every browser extension you install. Any software that resides on your computer has greater access than a webpage. The same is true of mobile apps.

If you want to use ChatGPT, you can do so from OpenAI’s website. GPT-4, the OpenAI technology behind ChatGPT, powers Bing Chat and is available in a tab on any Bing Search. Bing Chat is also available on your phone via the Bing app or Edge browser.

If you still want to use a browser extension or app that adds extra capabilities or makes the advanced AI more convenient, proceed with caution. Check the privacy policy, read reviews, and learn more about the developer before trusting that your data will be secure and private.

Editors' Recommendations

Topics
Alan Truly
Alan Truly
Computing Writer
Alan is a Computing Writer living in Nova Scotia, Canada. A tech-enthusiast since his youth, Alan stays current on what is…
Is ChatGPT safe? Here are the risks to consider before using it
A response from ChatGPT on an Android phone.

For those who have seen ChatGPT in action, you know just how amazing this generative AI tool can be. And if you haven’t seen ChatGPT do its thing, prepare to have your mind blown! 

There’s no doubting the power and performance of OpenAI’s famous chatbot, but is ChatGPT actually safe to use? While tech leaders the world over are concerned over the evolutionary development of AI, these global concerns don’t necessarily translate to an individual user experience. With that being said, let’s take a closer look at ChatGPT to help you hone in on your comfort level.
Privacy and financial leaks
In at least one instance, chat history between users was mixed up. On March 20, 2023, ChatGPT creator OpenAI discovered a problem, and ChatGPT was down for several hours. Around that time, a few ChatGPT users saw the conversation history of other people instead of their own. Possibly more concerning was the news that payment-related information from ChatGPT-Plus subscribers might have leaked as well.

Read more
What is ChatGPT Plus? Here’s what to know before you subscribe
Close up of ChatGPT and OpenAI logo.

ChatGPT is completely free to use, but that doesn't mean OpenAI isn't also interested in making some money.

ChatGPT Plus is a subscription model that gives you access to a completely different service based on the GPT-4 model, along with faster speeds, more reliability, and first access to new features. Beyond that, it also opens up the ability to use ChatGPT plug-ins, create custom chatbots, use DALL-E 3 image generation, and much more.
What is ChatGPT Plus?
Like the standard version of ChatGPT, ChatGPT Plus is an AI chatbot, and it offers a highly accurate machine learning assistant that's able to carry out natural language "chats." This is the latest version of the chatbot that's currently available.

Read more
ChatGPT shortly devolved into an AI mess
A response from ChatGPT on an Android phone.

I've seen my fair share of unhinged AI responses -- not the least of which was when Bing Chat told me it wanted to be human last year -- but ChatGPT has stayed mostly sane since it was first introduced. That's changing, as users are flooding social media with unhinged, nonsensical responses coming from the chatbot.

In a lot of reports, ChatGPT simply spits out gibberish. For example, u/Bullroarer_Took took to the ChatGPT subreddit to showcase a response in which a series of jargon and proper sentence structure gives the appearance of a response, but a close read shows the AI spitting out nonsense.

Read more