Chrome is the world’s most popular browser and, as such, is a major target for hackers, a fact highlighted by the emergence of a malicious Chrome extension.
If you’re a Chrome user, then you will be well aware of the wide range of benefits that Chrome extensions deliver. They not only making browsing easier, but their main objective is to make you more productive e.g. automating tasks such as blocking pop-up adverts. While Chrome extensions allow you to personalize your browsing experience, they are not without risk. Privacy concerns have surrounded browser extensions for as long as they have been available, and malicious extensions have been equally concerning.
It’s more than likely that your organization uses the Chrome browser in some capacity, so let’s look at the dangers of this most recent malicious extension.
The Lowdown on ChromeLoader
With a name that does exactly what it says on the tin, the ChromeLoader extension loads itself into Chrome. It begins its journey towards Chrome in the form of an ISO file – an image copy of the contents of an optical disc – which is currently being spread through social media sites and pay-per-install sites. Within this ISO is an executable file which, when activated, installs the ChromeLoader extension into Chrome and uses Windows’ Task Scheduler application to load the extension.
At present, the malicious activity of ChromeLoader has been recorded as relatively low. Rather than stealing data or encrypting files, ChromeLoader appears more concerned with redirecting victims towards spam sites. It’s a threat level which may not appear significant but, as with all malware, there’s a potential for ChromeLoader to evolve into something more powerful. It could, for example, be used to load ransomware into a compromised PC, and that’s when your productivity really will come under attack. And, even it remains only a minor nuisance with its spam redirection, it’s still a problem your organization could do without.
How to Tackle ChromeLoader
ChromeLoader is delivered via an ISO file, and the chances of your employees needing to handle ISO files at work are slim. Therefore, it makes sense to add ISO files to your list of prohibited files that can be downloaded. If an employee does need an ISO file downloading from the internet, then they should contact your IT team to arrange this securely. Banning torrent sites, such as PirateBay, will also limit the chances an employee has to access infected ISO files, so build this into your web filters as well.
Ultimately, extensions such as ChromeLoader prey upon the naivety of the common internet user. For the average person, a Chrome extension is a useful ally, not something to be feared. However, threat actors are always keen to deliver their malicious payloads as stealthily as possible. And that’s why they try to take advantage of routes, such as Chrome extensions, which are commonly trusted by PC users. As a result, educating your staff on the potential dangers of downloading files from the internet, such as ISO files or browser add-ons, should be a priority.
For more ways to secure and optimize your business technology, contact your local IT professionals.
