India news from Cricinfo

Tuesday, April 20, 2010

Google Chrome users beware of unsolicited emails

BitDefender's warning to people who use Google Chrome and its functionalities to browse the net and to organize information. Cybercriminals are setting their minds on exploiting this environment to spread malware and steal user information.

The story goes like this: Users may receive an unsolicited e-mail which announces that a new extension of a browser has been developed to facilitate access to documents from e-mails. Apparently unsuspicious link is provided, and the recipients are advised to follow it in order to download the new extension. Once they click the link, they are redirected to a look-alike of the Google Chrome Extensions page, which, instead of the promised extension, provides them with a fake application that infects their systems with malware.



Although the sham application has the same description as that of an original Google Chrome Extension, the first sign the more inquisitive users will get about it not being what they were looking for should be the fact that instead of the expected ".crx" extension, it features a flamboyant ".exe" tail.

BitDefender identified it as Trojan.Agent.20577 the application modifies the Windows HOSTS file in an attempt to block access to Google and Yahoo web pages. This allows the malware creators to intercept the victim's calls to reach the respective sites. Through this, the innocent users will be redirected to the cybercriminal's own malware-laden versions of those sites.

No comments:

Post a Comment