News
New Chrome extension can infect your device and steal your credentials
There’s a new Chrome extension that can steal your passwords, credit card info and more. Cloud9 is a malware that words as a trojan, and here’s what you can do to avoid it.
Advertisement
Learn what you can do to avoid the Cloud9 extension.
A Google Chrome extension can help you get more done online by adding new functionalities. However, these extensions can also be a way for cybercriminals to hijack your computer or even infect your device with malware.
Originally reported by BleepingComputer, security researchers at Zimperium discovered a new botnet called Cloud9. This botnet uses a malicious Chrome extension to steal passwords, infect vulnerable computers, log in keystrokes and inject ads via malware.
Any Chrome, or Chromium-based browsers, with the Cloud9 installed runs the risk of even being used to launch DDoS attacks to take over websites. They do so by overwhelming them with heavy traffic.
This Chrome extension works exactly like a RAT (or remote access trojan). Hackers can use it to execute commands in the unsuspected victim’s browser remotely once it’s been installed to their Google Chrome.
Chrome extension distributed through fake updates
Unlike a regular and official Google Chrome extension, you won’t stumble upon Cloud9 on the Chrome Web Store. That is because Google’s security team would easily find and block the malicious extension.
Instead, hackers are using a common tactic to get users into installing the Chrome extension manually. What they do is use fake websites disguised as Adobe Flash Player updates. Even though Adobe discontinued support for the Flash Player in 2021, many users still fall for this trick.
The company even recommended users to uninstall Adobe Flash Player to avoid falling into scams and fake updates websites like these.
You will be redirected to another website
By submitting this form, I agree that I am 18+ years old and I agree to the Privacy Policy and Terms and Conditions. I also provide my signature giving express consent to receive marketing communications via automated emails, SMS or MMS text messages and other forms of communication regarding financial products such as credit card and loans. Message frequency varies and represents our good faith effort to reach you regarding your inquiry. Message and data rates may apply. Text HELP for help or text STOP to cancel. I understand that my consent to receive communications is not a condition of purchase and I may revoke my consent at any time.
Cloud9 explores vulnerabilities to infect Windows devices
When Cloud9 is installed as a Chrome extension, it’ll use three different JavaScript files. It’ll use your computer to mine for crypto, collect your personal data and carry out a number of DDoS attacks.
The malicious extension can also infect your device by exploiting known Windows vulnerabilities in their Edge web browser, and even through Internet Explorer. Once the extension is installed and the system is running Cloud9, cybercriminals can easily log keystrokes and steal your passwords and credit card info from your computer.
The malicious Chrome extension is also able to inject ads by loading web pages in the background. So the first warning that your computer might be infected with Cloud9 is that it will start to run much slower than usual.
How to protect your device from a malicious Chrome extension
The simplest way you can avoid a malicious Chrome extension is to make sure you download official and verified extensions on the Chrome Web Store. However, that’s still not enough. To secure your computer, you should also have good antivirus software installed and running on your computer at all times.
You should always take the same approach as with apps on your phone. Always ask yourself whether or not you’ll actually have use for the extension before you install it. If you come across something that looks too good to be true, it probably is.
Cybercriminals are always looking for ways to gain control of people’s computers. That is why you should always be extra careful when you’re downloading a new Chrome extension.
In a statement, a Google spokesperson said Chrome users should also make sure that they have the latest version of their web browser installed. That’s because they have the latest security protections. Evidently, this advice also works for any other Chromium-based web browser.
Additionally, you can always get extra protection on Chrome extension by turning on Google’s Enhanced Protection. You can do so by accessing the browser’s privacy settings. It’ll help keep your device protected from malware and automatically warn you about any other risky activity.
How to know if your Android phone has a virus
Computers are not the only ones susceptible for malware. You can also get your Android phone infected if you’re not careful. Check out the following link to learn how to spot if your phone has a virus. Plus, what you can do about it.
How to know if your Android phone has a virus
Learn how to spot the signs and get rid of viruses with ease. Read on for more!
About the author / Aline Barbosa
Trending Topics
Most sold games: the top 10 best-selling of all time!
Curious to know the most sold video games of all time? Look no further! This blog post will take you through history's 10 most popular titles.
Keep ReadingLearn how sleep influences your mental health
Lack of sleep can have a significant impact on your mental health. Learn more about how sleep deprivation can negatively affect your life.
Keep ReadingVast Visa® Platinum Card: Financial Freedom!
Read this review and find out why the Vast Visa® Platinum Card is your key to financial empowerment. No annual fees and intro APR included!
Keep ReadingYou may also like
Valuable things everyone might have and not know!
You may have some valuable things lying around your house and not even know it! Check out this list to see what you could be missing out on.
Keep ReadingThe top 10 Best-Selling Albums of All Time
Wondering which albums have sold the most copies? Here are the top 10 best-selling albums of all time. See if your favorite made it!
Keep ReadingWho has the most Grammys? The top 10 winners
Wondering who has won the most Grammys ever? We've got the answer for you - and it's probably not who you are thinking! Read on for more!
Keep Reading