By Vickie Scullard • Published: 10 Nov 2022 • 14:36
Image of a person working on a laptop. Credit: CeltStudio/Shutterstock.com.
The extension is said to record keystrokes to steal your data, such as credit card information.
Researchers at Zimperium zLabs discovered that the extension is actually a botnet called Cloud9, reports the Metro.
The team says the extension logs keystrokes and can install malware that locks the owner out of their infected device.
The researchers said that while Cloud9 is a malicious browser plugin, the team said they didn’t find it on the Chrome Web Store. Instead, it is more likely to be accidentally downloaded via a third-party site, such as somewhere masquerading as an Adobe Flash Player update.
The team says that the malware group is targeting all browsers and operating systems – not just Chrome.
In a blog post, Zimperium zLabs outlines a list of things that the botnet can do once it is installed on a device.
This includes tracking your keystrokes (keylogging) to steal your bank passwords, credit card info, etc; stealing your copy-and-paste data (clipboard); stealing cookies to compromise user sessions; using your browser and computer resources to mine cryptocurrencies; and taking control of your device by executing malicious code Perform DDoS attacks from your PC Inject pop-ups and ads.
The botnet is reported to have been created by a malware group called Keksec and is available to buy on hacker forums for a few hundred euros.
The team said: “The number of victims affected by this is still unknown. Still, it is quite clear that this malware group is targeting all browsers and operating systems and thus trying to increase their attack surface.
“We found some screenshots from a hacker forum where the threat actor showcases the victims they have under attack.”
Thank you for taking the time to read this article, do remember to come back and check The Euro Weekly News website for all your up-to-date local and international news stories and remember, you can also follow us on Facebook and Instagram.
Share this story
Subscribe to our Euro Weekly News alerts to get the latest stories into your inbox!
By signing up, you will create a Euro Weekly News account if you don't already have one. Review our Privacy Policy for more information about our privacy practices.
A journalist of more than 12 years from Manchester, UK, Vickie now lives in Madrid and works as a news writer for the Euro Weekly News.
By signing up, you will create a Euro Weekly News account if you don’t already have one. Review our Privacy Policy for more information about our privacy practices.
Download our media pack in either English or Spanish.