CHROME users have been warned to watch out for a dangerous extension which can take control of your device.
Once a hacker has pulled it off, they can basically take over accounts and even get hold of your passwords.
1
The threat is called Cloud9 and it’s been found hiding in malicious extensions.
Fortunately these aren’t extensions available in the official Chrome store.
Instead they’re lurking around on the wider internet – all the more reason to refrain from downloading extensions outside of the proper store front.
Apparently it’s being pushed on websites for things like fake Adobe Flash Player updates.
The threat is not only a problem for Chrome, but also Microsoft Edge users, which uses the same technology behind the scenes.
Experts from Zimperium who uncovered the scam said the true number of victims affected is unknown.
“It is quite clear that this malware group is targeting all browsers and operating systems and thus trying to increase their attack surface,” the firm warned.
“We found some screenshots from a hacker forum where the threat actor showcases the victims they have under attack.”
Most read in Tech
It’s believed the hackers behind the scheme have ties to a notorious malware group called Keksec.
Google told Bleeping Computer: “We always recommend users update to the latest version of Google Chrome to ensure they have the most up-to-date security protections.
“Users can also stay better protected from malicious executables and websites by enabling Enhanced Protection in the privacy and security settings in Chrome.
“Enhanced Protection automatically warns you about potentially risky sites and downloads and inspects the safety of your downloads and warns you when a file may be dangerous.”
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk
