WebProNews
Breaking eBusiness News

Thanks for reading the Thursday, May 17th, 2018 edition of WebProNews!

- Sponsored -

Are you building a winning experience?
44% of US ecommerce sales are on Amazon

Navigating paid and unpaid methods of boosting product page discoverability and conversion is complicated. That's why we hosted a webinar with Amazon experts, Content26, to discuss advertising, content, and every other worthwhile element of Amazon product strategy.

WATCH THE RECORDING ...

Google's Web Store Spreads Malware Again, 100,000 Users Infected By Malicious Chrome Extensions

Security firm Radware has uncovered malicious extensions believed to infect more than 100,000 Google Chrome users. According to a report released on Thursday, malware was discovered in the browser’s official Web Store.

Using machine-learning algorithms, Radware was able to pinpoint a zero-day malware threat to one of its clients. These malicious extensions spread via links sent over Facebook, pilfering login credentials, mining cryptocurrencies, and engaging in click fraud, among others.

Cybercriminals involved with the latest malware campaign were said to have been active since March 2018. Since that time, they infected 100,000 users worldwide, the company said in its blog post. Called "Nigelthorn"— a name derived from the Nigelify application, the malware redirects victims to a fake Youtube page and prompts them to install a Chrome extension to play the video. Once installed, these computers become part of the botnet as harmful JavaScript download additional code from the command center. The infection process continues when the victim's Facebook contacts click on the sent malicious link.

- Sponsored -

eBook
How to Build a Security Operations Center (On a Budget)

Download this eBook to get an in-depth look at how organizations with limited resources can set up a successful operations center for monitoring, detecting, containing, and remediating IT threats.

DOWNLOAD NOW...

To bypass Google’s extension validation checks, attackers modified copies of legitimate extensions and added malicious script inside. Thanks to Google’s security algorithms, seven of these extensions were removed right after their discovery, including Nigelify, PwnerLike, Alt-j, Fix-case, Divinity 2 Original Sin: Wiki Skill Popup, keeprivate, and iHabno. Radware emphasized that the malware only infected Chrome users on Windows and Linux so other browsers are unaffected by the attack.

Radware pointed out that the malware went undetected despite tight security over the network. The firm also warned that attackers might identify other ways to bypass security controls with mutated malware disguised as browser plug-ins. And it seemed that bad Chrome extensions are one of Google’s weak spots.

Meanwhile, Trend Micro has identified the return of FacexWorm, a malicious extension that propagates via socially engineered links on Facebook Messenger similar to Digmine. Apart from stealing credentials, FacexWorm redirects potential victims to cryptocurrency scams and referral links of attackers, installs bad mining codes, and takes over transactions on trading platforms and in web wallets. It was first spotted in August of last year but resurfaced recently in certain countries.  READ MORE.

Check out the WebProNews homepage or click on the header for more.
This is a WebProNews publication.
851 Corporate Dr. | Suite 201 | Lexington, KY 40503 | 859.514.2720

To Be Taken Off This Mailing, Click Here