We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info
If you use Chrome to browse the web and check your daily dose of emails, you must know about a shock new threat that has just been discovered. The truly terrifying attack, which has been named Cloud9 by its creators, is using a simple extension to infect devices with those tricked then in danger of having personal data stolen during browsing sessions. To make matters worse, the software can also set about infecting devices with malware that can then give hackers total control of a PC.
The Cloud9 attack, which was spotted by the team at Zimperium zLabs, is already thought to have infected Chrome browsers across the world.
It’s clearly a nasty threat as it can create critical security and privacy issues that could even leave users at risk of having their bank accounts raided.
Luckily there is a simple way to avoid becoming the next victim. Zimperium zLabs says that the fake extension is not available on Google’s official marketplace with hackers using other methods to distribute the bug.
One of the main ways that Chrome users have been targeted is via fake websites that offer Abobe Flash software updates.
How to update Google Chrome on your computer
Once installed the attack then takes place but as long as you stick to well-known stores and only download official Chrome extensions your PC will be perfectly safe.
Explaining more about the threat, Zimperium zLabs said: “Web browsers contain the most lucrative pieces of information about a user and thus are becoming an interesting target for malware developers. Every keystroke or session cookie can contain very private information about a user.
“This malicious browser extension not only steals the information available during the browser session but can also install malware on a user’s device and subsequently assume control of the entire device.
“Cloud9 was never found on any official browser extension store, instead relying on distribution through threat actor communities, where users of the tool would then hide the malware to deliver to victims.”
If you think you may have downloaded any unofficial Chrome extensions it might be a good idea to delete them without delay.
Google is also advising that all users make sure that their browsers are fully updated as this can stop hackers in their tracks.
“We always recommend users update to the latest version of Google Chrome to ensure they have the most up-to-date security protections,” a Google spokesperson said.
How to update your Chrome browser:
• On your computer, open Chrome
• At the top right, click More
• Click Help. About Google Chrome
• Click Update Google Chrome. Important: If you can’t find this button, you’re on the latest version.
• Click Relaunch
Source: Read Full Article