Security Corner

Apr 21 2010   12:36AM GMT

Cybercrooks Target Chrome with Bogus Extension



Posted by: Ken Harthun
Tags:
Chrome
Google
Malware
spam
Trojan
Flickr.com/photos/randyzhang/

Source: Flickr.com/photos/randyzhang/

We can now consider Google’s Chrome browser a rousing success. Cybercrooks have begun targeting Chrome users; a compliment, kind of.

The attack begins with a spam message that tries to dupe the unwary into trying an add-on that “helps you better organize your documents received in your email”. A write-up by BitDefender provides a full analysis including screen shots. One interesting note in the analysis:

Although the sham application has the same description as that of an original Google Chrome Extension, the first sign the more inquisitive users will get about it not being what they were looking for should be the fact that instead of the expected “.crx” extension, it features a flamboyant “.exe” tail.

The trojan modifies the Windows HOSTS to redirect any requests for Google or Yahoo pages to counterfeit, malware-laden versions of thoses sites owned by the crooks.

Repeat after me, I will not click links in spam, I will not click links in spam, I will not click links in spam.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: