ChromeLoader, a growing threat to Chrome
The google browser it is one of the main targets of hackers due to the fact that it is the most used. In this case, it is ChromeLoader, which is malware whose mission is to steal data and hijack the browser. It spreads mainly through two means: pirated content (such as games or movies) and QR codes. A group of security researchers from Red Canary has detected a significant increase.
It is a malvertising campaign. The attackers will try to get the victim to install a fake extension, ChromeLoader, and from there take control of the browser. They will redirect the user through fake links that supposedly offer QR codes, movies, video games…
Once installed, what ChromeLoader does is Change settings of the browser. This means that it will start displaying search results for the victim to download malware, take fake surveys, etc. It is more dangerous than other similar types of malware as it is even capable of exploiting PowerShell.
Security researchers have detected that this threat uses a malicious ISO to invade the system. It usually arrives as a supposed program to be able to download another file, such as a movie or a video game. Once downloaded and installed, it will automatically mount a virtual drive and release the malware.
Although this threat mainly affects Windows and Google Chrome, researchers also found that it can be used for macOS and the Safari browser. Therefore, it can also compromise this operating system.
What to do to avoid problems
So what can we do to avoid this problem affecting Chrome? The most important is don’t fall into the trap. Never install a file that you have found on the Internet without really knowing its origin or if it is reliable. This of course includes browser extensions, such as ChromeLoader.
Our advice is that you always download content from the Internet from reliable sources. For example official pages, stores like Google Play or extensions from the Chrome store. Only then will you be truly protected and avoid problems, since you could be installing maliciously modified software without knowing it.
Another very important point is to always have a good antivirus installed. This will help you detect threats of this type that you download by mistake. For example, Windows Defender itself can come in handy to detect malicious software, but you have many more options available. It is important to always keep Chrome secure.
Also, it’s a good idea to always have the updated system correctly, as well as Google Chrome itself. This is important to fix vulnerabilities that can be exploited to sneak in ChromeLoader and other threats. Therefore, you should always have all patches installed.
