Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
The Malware Kill Chain
The Google Chrome extension installation is one of the most common ways cyber-criminals use to spread malware.
Although Google has removed all the malicious extensions, if you have installed any of them, you should immediately uninstall it and change passwords for your Facebook, Instagram and other accounts where you are using the same credentials.
List of Malicious Chrome Extensions
Here’s the list of the malicious extensions:1. Nigelify2. PwnerLike3. Alt-j4. Fix-case5. Divinity 2 Original Sin: Wiki Skill Popup6. Keeprivate7. iHabno
Once the extension is installed on the Chrome browser, a malicious JavaScript is executed that downloads the initial configuration from the C2.
Configuration File
Afterwards, a set of requests is deployed, each with its own purpose and triggers.
Communication Protocol
The malware depends on Chrome and runs on both Windows and Linux.
Malware Capabilities:1. Data Theft2. Facebook Propagation3. YouTube Fraud4. Cryptocurrency Mining5. Persistency
Chrome Extensions Spreading Through Facebook Caught Stealing Data was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.
Publication date
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.