Malicious Actors Distribute AI-Linked Browser Extensions to Steal Session Tokens and Hijack Accounts

Malicious actors are distributing AI-related browser extensions that can intercept authenticated session tokens from users and hijack their accounts. These malicious extensions target users of ChatGPT and other AI services. The attack allows cybercriminals to access compromised accounts by stealing authentication tokens while users browse. LayerX has identified this threat, which spreads through malicious Chrome extensions masquerading as legitimate ChatGPT enhancement tools.