New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

August 10, 2024 at 11:21AM

A widespread malware campaign installs rogue Google Chrome and Microsoft Edge extensions via a trojan distributed through fake websites. The malware, present since 2021, affects over 300,000 users and uses malvertising to trick users into downloading the trojan. The extensions hijack searches, intercept web requests, and execute various commands.

The campaign is ongoing and widespread, and it targets users of Google Chrome and Microsoft Edge. The rogue browser extensions are installed by a trojan distributed via fake websites posing as popular software. The malicious activities associated with the campaign include hijacking search queries, stealing private data, executing various commands, and intercepting web requests.

The malware and extensions have affected at least 300,000 users, and the campaign relies on malvertising to lure users into downloading the trojan. The digitally signed malicious installers use scheduled tasks and PowerShell scripts to download and execute additional payloads from remote servers. Once installed, the extensions cannot be disabled by the users, and they have the capability to intercept web requests, receive commands, and manipulate search queries.

It’s important to note that similar campaigns have been observed in the past, indicating a recurring threat to users of Google Chrome and Microsoft Edge. This highlights the need for proactive measures to protect users and prevent further proliferation of these malicious activities.
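The page does not say how the extensions are made impossible to disable. As an added example (not code from the original article), the Python below assumes the standard enterprise policy mechanism, the `ExtensionInstallForcelist` policy key that Chrome and Edge both read, and triages collected `reg query` output for force-installed extensions that are not on an approved list or that update from outside the official stores. The sample output, extension IDs, allowlist and the `updates.example.invalid` URL are constructed.

```python
import re

# Registry policy keys Chrome and Edge read for force-installed extensions.
FORCELIST_KEY = re.compile(
    r"\\SOFTWARE\\Policies\\(Google\\Chrome|Microsoft\\Edge)"
    r"\\ExtensionInstallForcelist$", re.IGNORECASE)
VALUE_LINE = re.compile(r"^\s+(\S+)\s+REG_SZ\s+(\S.*)$")
EXT_ID = re.compile(r"^[a-p]{32}$")  # extension IDs are 32 chars in a-p
STORE_URLS = {  # official store update endpoints
    "https://clients2.google.com/service/update2/crx",
    "https://edge.microsoft.com/extensionwebstorebase/v1/crx",
}

# Constructed sample of `reg query HKLM\SOFTWARE\Policies /s` output.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist
    1    REG_SZ    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa;https://clients2.google.com/service/update2/crx
    2    REG_SZ    bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb;https://clients2.google.com/service/update2/crx

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist
    1    REG_SZ    cccccccccccccccccccccccccccccccc;https://updates.example.invalid/crx
"""
APPROVED_IDS = {"a" * 32}  # hypothetical allowlist of sanctioned extensions

def parse_forcelist(reg_output):
    """Return (browser, ext_id, update_url) for every force-list value."""
    entries, browser = [], None
    for line in reg_output.splitlines():
        stripped = line.strip()
        if stripped.upper().startswith("HKEY_"):
            m = FORCELIST_KEY.search(stripped)
            browser = m.group(1).split("\\")[-1] if m else None
            continue
        m = VALUE_LINE.match(line)
        if browser and m:
            ext_id, _, url = m.group(2).strip().partition(";")
            entries.append((browser, ext_id, url))
    return entries

def triage(entries, approved_ids):
    """Return (browser, ext_id, reasons) for entries that need review."""
    findings = []
    for browser, ext_id, url in entries:
        checks = [
            (not EXT_ID.match(ext_id), "malformed id"),
            (ext_id not in approved_ids, "not on allowlist"),
            (bool(url) and url not in STORE_URLS, "non-store update URL"),
        ]
        reasons = [why for hit, why in checks if hit]
        if reasons:
            findings.append((browser, ext_id, reasons))
    return findings
```

On a host with no managed-extension policy, any entry under these keys is worth investigating, along with the scheduled tasks and PowerShell scripts the article describes.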
