All Chrome users who are tempted to watch movies and TV shows online for free need to be extremely careful. Researchers at HP Wolf Security have discovered a worrying new threat that is leaving Google’s popular browser open to attack and it could have fans of this software being pushed to fake pages when performing simple web searches.
Hackers have made this possible by tricking Chrome users into downloading a fake extension, called Shampoo, which then instantly redirects the victim’s search queries to malicious websites. These then earn criminals huge sums of money through irritating advert campaigns that pop up on the display.
What makes this attack worse is that the malware is highly persistent with it able to re-launch itself every 50 minutes.
According to HP Wolf Security, Shampoo is often installed via sites that offer blockbuster movies and premium TV for free. Using these pirating web pages has become hugely popular in recent years, especially with the cost of living crisis making official streaming services, such as Netflix, much less affordable.
They often promise the chance to watch the latest movies and box sets without paying a fee but instead of gaining access to a Hollywood classic they often end up leaving devices riddled with malware.
How to update Google Chrome on your computer
Along with that nasty Shampoo extension, HP Wolf Security has also urged Chrome users to watch out for fake OneNote documents.
It appears that cyber attackers are currently taking advantage of these trusted files to embed malicious software behind fake “click here” icons.
Clicking the links opens the hidden file, executing malware to give attackers access to the users’ machine – this can then be sold on to other cybercriminal groups and ransomware gangs.
We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info
Explaining more about the threats, Patrick Schläpfer, Malware Analyst at the HP Wolf Security threat research team, HP Inc, said: “To protect against the latest threats, we advise that users and businesses avoid downloading materials from untrusted sites, particularly pirating sites. Employees should be wary of suspicious internal documents and check with the sender before opening. Organizations should also configure email gateway and security tool policies to block OneNote files from unknown external sources.”
Before downloading any files or extensions, always make sure you trust the creator and never install or open anything from a source that you know nothing about.
Source: Read Full Article