CySecurity News – Latest Information Security and Hacking Incidents
The browser-hijacking malware called ChromeLoader is witnessing a new surge in activity since its discovery earlier this year, researchers at Red Canary, wrote in a blog post this week.
ChromeLoader uses PowerShell, an automation and configuration management framework, to add a malicious extension to a victim’s Chrome browser for nefarious purposes. The malicious extension drastically modifies the victim’s web browser settings to show search results that promote unwanted software, fake giveaways, surveys, and adult games and dating sites.
The malware’s creators receive financial benefits due to the marketing affiliation from these ad-supported pages and redirect traffic to these commercial sites. There are multiple hijackers of this kind, but ChromeLoader is unique due to its persistence, volume, and infection route, which involves the aggressive use of PowerShell.
Exploiting PowerShell
According to Re
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: