Trojan poses as Google Chrome extension
As more and more people are using Google Chrome and its functionalities
to browse the net and to organize information, cybercriminals have set
their minds on exploiting this environment to spread malware and steal
Google Chrome users receive an unsolicited e-mail which announces that
a new extension of their favorite browser has been developed to
facilitate their access to documents from e-mails.
An apparently unsuspicious link is provided, and the recipients are
advised to follow it in order to download the new extension. Once they
click the link, they are redirected to a look-alike of the Google
Chrome Extensions page, which, instead of the promised extension,
provides them with a fake application that infects their systems with
Although the sham application has the same description as that of an
original Google Chrome Extension, the first sign the more inquisitive
users will get about it not being what they were looking for should be
the fact that instead of the expected .crx extension, it features a
flamboyant .exe tail.
Identified by BitDefender as Trojan.Agent.20577 the application
modifies the Windows HOSTS file in an attempt to block access to Google
and Yahoo webpages. Every time users want to access them and write
google.[xxx] or [xx].search.yahoo.com in the web browser, they will
be redirected to another IP: 89.149.xxx.xxx . This allows the malware
creators to intercept the victims calls to reach the respective sites.
In this way, the credulous users will be redirected to the
cybercriminals own malware-laden versions of those sites.
- Ex-SoftBank Executive Nikesh Arora Joins Palo Alto As CEO
- 8 Out Of 10 Most Valuable Brands Are In Tech: Study
- NITI Aayog, Google To Jointly Foster India's AI Ecosystem
- Is the New URL File Outbreak a Ransomware Attempt?
- Nearly All Firms Are Unprepared For Next-gen Cyber-Attacks: Study
- Coupon Aggregator Zoutons Launches Chrome Extension
- Semiconductors in Data Storage
- Google To Work On Its Own Blockchain Technology
- IT, Digital Firms Comprise LinkedIn's Best Cos For 2018
- What’s Driving The Shift To Cryptocurrency Mining Malware?