Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 19th, 2010

Trojan Poses As Google Chrome Browser Extension

Miscreants have created a Trojan that poses as a Google Chrome extension. Spammed messages attempt to dupe prospective marks into trying an add-on that “helps you better organize your documents received in your email”.

Interested parties are pointed towards a counterfeit Google Chrome Extensions page, which offers a malware executable. More observant punters will notice that the download is offered in an .exe file and not a .crx Google Chrome extension. Such markers are easily missed, however.

The Trojan horse malware on offer (identified by Romanian security firm BitDefender as the Agent-20577) blocks access to Google and Yahoo webpages. Attempts to reach these sites on infected machines are hijacked and redirected to counterfeit sites. Such trickery is commonly a prelude to either phishing attacks or a technique by the hackers behind the trick to gain affiliate income from scareware slingers or other undesirables.

The appearance of the attack shows that cybercrooks have begun targeting Google Chrome users, something that only tends to happen when a product or service becomes widely used among end users and is therefore a compliment (of sorts) to the success of Google’s browser technology.

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Login And Password Stealing Trojan Masquerades As Firefox Plug-in
  • High-risk Vulnerabilities In Google Chrome
  • Address Spoofing Flaw Allows Google’s Chrome Websites Impersonation
  • Microsoft Discovers Flaw In Google Plug-in For Internet Explorer
  • Google Chrome Browser Bug Could Leak Identity of Anonymously Surfing Users

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Trojan Poses As Google Chrome Browser Extension

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.