Skip to main content

This PowerPoint ploy could help hackers empty your bank account

A hacker typing on an Apple MacBook laptop, which shows code on its screen.
Sora Shimazaki / Pexels

With various cybersecurity threats on a constant rise, it certainly feels like dangerous malware is around every corner. This time, it found its way into PowerPoint presentations disguised as helpful guides on how to protect yourself against phishing. The irony of it all is strong, but the worst part is that this malware could help attackers empty your bank account.

We’re talking about the Rilide Stealer Chrome browser extension which has been making the rounds lately, as reported by Bleeping Computer. Unfortunately, Rilide is readily-available to threat actors as it is sold for $5,000 to cybercriminals, meaning that it can be distributed in various ways. Chrome extensions are just one thing, although that seems to be the main source of the malware right now. The extension works on all Chromium-based browsers, so it’s not just Google Chrome, but also Brave, Microsoft Edge, and Opera.

Recommended Videos

In order for the malware to work, users have to download this extension first, and to that end, cybercriminals keep finding new ways to trick people to fall for their scams. Most recently, Rilide has been found in phishing emails that pretend to be legit VPN and firewall products. In those emails, the hackers talk about various possible threats users might run into online and offer “guidance” on how to avoid them, claiming that the extension can help.

Please enable Javascript to view this content

Those who believe the contents of the presentation are directed to a guide on how to add this extension to Chrome. The links lead directly to malware, and from there, the extension can aid attackers in stealing login credentials, bank accounts, and cryptocurrencies stored in digital wallets. Rilide uses injection scripts to pull this off, and it works with many different crypto wallets, payment providers, banks, and email services.

Screenshot of a phishing PowerPoint presentation.
Bleeping Computer

Rilide also relies on using typosquatting domains to trick people. Also known as URL hijacking, this is a cybercrime tactic that preys on users who mistakenly type the wrong website address. As an example, the user might type “Gooogle.com” instead of “Google.com.” If the address is claimed by a threat actor, the person will be presented with a website that carefully impersonates various banks and payment service providers. Once they input their account credentials, the account is likely to be hijacked.

Researchers found over 1,500 such domains. Some of them have been boosted by SEO poisoning to rank higher in popular search engines. Moreover, the scammers also took to Twitter — or rather, X — to convince people to try out the extension.

The most curious part of Rilide is that it appears to bypass the Chrome Extension Manifest V3. This set of restrictions was meant to protect users from downloading malicious extensions, but unfortunately, Rilide managed to slip past the defenses.

As far as malware goes, Rilide is pretty scary. Not only can it help hackers empty your bank account, but it also might hit from many different angles due to the fact that it’s actively being updated and sold to threat actors. If you want to stay safe, follow the usual golden rule: Never open any links from sources you don’t trust, and don’t download any browser extensions that don’t seem trustworthy.

Thankfully, it seems Rilide is largely pointed at enterprise users and crypto owners, but you should still keep an eye out for any suspicious extensions.

Monica J. White
Monica is a computing writer at Digital Trends, focusing on PC hardware. Since joining the team in 2021, Monica has written…
ChatGPT’s new Pro subscription will cost you $200 per month
glasses and chatgpt

Sam Altman and team kicked off the company's "12 Days of OpenAI" event Thursday with a live stream to debut the fully functional version of its 01 reasoning model, as well as a new subscription tier called ChatGPT Pro. But to gain unlimited access to these new features and capabilities, you're going to need to shell out an exorbitant $200 per month.

The 01 model, originally codenamed Project Strawberry, was first released in September as a preview, alongside a lighter-weight o1-mini model, to ChatGPT-Plus subscribers. o1, as a reasoning model, differs from standard LLMs in that it is capable of fact-checking itself before returning its generated response to the user. This helps such models reduce their propensity to hallucinate answers but comes at the cost of a longer inference period and slower response.

Read more
Surface Pro alternative: This Asus Chromebook is another $70 off today
A man holding the Asus Chromebook CM3001 Laptop.

While fast and powerful CPUs and GPUs go a long way with a desktop or laptop, not every PC needs to be a workhorse. Some folks only need a computer for basic web browsing or watching the occasional HD movie or show. That’s why we’re always on the lookout for great Chromebook deals. These Chrome OS machines are just strong enough to deliver a notch above the basics, and today, we found an excellent discount on an Asus Chromebook. For a limited time, when you purchase the Asus Chromebook CM3001 Laptop at Best Buy, you’ll only pay $230. At full price, this model sells for $300.

Why you should buy the Asus CM3001 Laptop
From its convenient 2-in-1 design (check out our list of the best 2-in-1 deals) to its beautiful 10.5-inch 1920 x 1200 touchscreen (WUXGA), the CM30 is a laptop you’ll have zero issues taking just about anywhere. Its light form factor is a huge plus, and when closed, the CM30 is only 0.67 inches thick! And while we’re not dealing with Intel or AMD for internals, the onboard MediaTek Kompanio 520 CPU runs and smooth and efficient ship. It's also a great Surface Pro alternative, for those tiring of the Windows way.

Read more
Get Copilot+ features for less with this Asus laptop deal
An Asus ProArt P16 laptop on a white background.

One of the best laptop deals right now is perfect for anyone who is seeking a Copilot PC. If you’re looking to enjoy AI features, check out the Asus ProArt P16 laptop which is $200 off at Best Buy. The laptop normally costs $1,900 but right now, you can buy it for $1,700. A high-end productivity-focused laptop which also packs a punch for some gaming too, this is an ideal workhorse of a PC. Here’s all you need to know about it alongside some insight into the wonders of Copilot.

Why you should buy the Asus ProArt P16 laptop
Asus features in our look at the best laptop brands thanks to the company being great at developing all-rounder laptops. The Asus ProArt P16 laptop is one such highlight. It has an AMD Ryzen AI 9 HX 370 CPU, 32GB of memory, 1TB of SSD storage, and an Nvidia GeForce RTX 4060 GPU.

Read more