ioc[.]one - OSINT Cyber Threat Intelligence Database

LetsDefend SA Event ID: 153, SOC202 — FakeGPT Malicious Chrome Extension

Tags

attack-pattern:

Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	ddb93840-17a8-4d93-ad4d-58d5a9e87f80
Fingerprint	3a469e81a9fa3558
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 29, 2024, 8:48 a.m.
Added to db	Sept. 29, 2024, 11:09 a.m.
Last updated	Nov. 16, 2024, 12:27 a.m.
Headline	LetsDefend SA Event ID: 153, SOC202 — FakeGPT Malicious Chrome Extension
Title	LetsDefend SA Event ID: 153, SOC202 — FakeGPT Malicious Chrome Extension
Detected Hints/Tags/Attributes	21/1/15

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@abalonpsalmer/letsdefend-sa-event-id-153-soc202-fakegpt-malicious-chrome-extension-ba065f242c6b?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	3		version.chatgpt4google.workers.dev
Details	Domain	2		www.chatgptforgoogle.pro
Details	Domain	2		www.chatgptgoogle.org
Details	Domain	268		www.virustotal.com
Details	File	52		c:\program files\google\chrome\application\chrome.exe
Details	sha256	2		7421f9abe5e618a0d517861f4709df53292a5f137053a227bfb4eb8e152a4669
Details	IPv4	2		172.16.17.173
Details	IPv4	2		52.76.101.124
Details	IPv4	2		18.140.6.45
Details	Url	1		https://www.virustotal.com/gui/file/7421f9abe5e618a0d517861f4709df53292a5f137053a227bfb4eb8e152a4669/community
Details	Url	2		https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
Details	Url	1		https://otx.alienvault.com/indicator/file/7421f9abe5e618a0d517861f4709df53292a5f137053a227bfb4eb8e152a4669
Details	Url	1		https://www.virustotal.com/gui/domain/version.chatgpt4google.workers.dev/detection
Details	Url	1		https://www.virustotal.com/gui/domain/www.chatgptforgoogle.pro/relations
Details	Url	1		https://www.virustotal.com/gui/domain/www.chatgptgoogle.org?nocache=1