If you come across a website that asks you to download the latest Adobe Flash Player update – think twice, a new campaign to distribute malicious browser functionality for Chromium-based browsers has been discovered by Zimperium cybersecurity researchers
Experts warn that the only thing you’ll download is Cloud9 browser bots that can do all kinds of bad things with Chromium Browser (Opens in a new tab).
According to their research, Cloud9 is an add-on that can perform many malicious acts, such as stealing online accounts, logging keystrokes, silently loading ads, and using a browser to distribute distributed denial of service (DDoS (Opens in a new tab)) attacks. If allowed to do so, the add-on will also abuse many exploits to drop more Malware To the target end point, until it becomes more dangerous.
Keksec at it again
“Layer 7 attacks are usually very difficult to detect because a TCP connection looks very similar to legitimate requests,” Zimperium explained. “The developer could potentially use these bots to provide a service to perform DDOS.”
Researchers believe that a group known as Keksec is behind the latest malware distribution campaign, because it uses the same Command and Control (C2) servers that Keksec has used in the past. This will not be Keksec’s first bot, as they have already developed EnemyBot, Tsunamy, Gafgyt, DarkHTTP, DarkIRC and Necro.
With this latest product, they do not appear to be targeting any specific person, as victims are spread all over the world. Another possibility is that Keksec is actually selling or renting the tool to other threat actors, hence the diverse list of victims.
respond to results ComputerGoogle has warned users to always update their browsers to the latest version and have up-to-date security protections in place.
Google added: “Users can also stay better protected from malware and malicious websites by enabling enhanced protection in Chrome’s privacy and security settings.” “Improved protection automatically warns you about potentially dangerous sites and downloads, scans the security of your downloads, and warns you when a file is dangerous.”
Across: Computer (Opens in a new tab)
