Skip to main content
  1. Home
  2. Computing
  3. News

This Chrome extension lets hackers remotely seize your PC

Add as a preferred source on Google

Malicious extensions on Google Chrome are being used by hackers remotely in an effort to steal sensitive information.

As reported by Bleeping Computer, a new Chrome browser botnet titled ‘Cloud9’ is also capable of logging keystrokes, as well as distributing ads and malicious code.

A depiction of a hacker breaking into a system via the use of code.
Getty Images

The browser botnet operates as a remote access trojan (RAT) for the Chromium web browser, which includes both Chrome and Microsoft Edge. As such, it’s not just login credentials that can be accessed; hackers can also launch distributed denial of service (DDoS) attacks.

Recommended Videos

The Chrome extension in question is naturally not accessible via Google’s official Chrome web store, so you may be wondering how victims are being targeted. Websites that exist to spread infections via bogus Adobe Flash Player update notifications are being used instead.

Security researchers at Zimperium have confirmed that Cloud9 infection rates have been detected in multiple regions around the world.

The foundation of Cloud9 is three central JavaScript files that can obtain information of the target system, and mine cryptocurrency on that same PC in addition to injecting scripts in order to launch browser exploits.

Multiple vulnerabilities are being exploited, Zimperium notes, including CVE-2019-11708 and CVE-2019-9810 in Firefox, CVE-2014-6332 and CVE-2016-0189 for Internet Explorer, and CVE-2016-7200 for Microsoft Edge.

Although the vulnerabilities are commonly used to install Windows malware, the Cloud9 extension can steal cookies from a browser, allowing hackers to take over valid user sessions.

Furthermore, the malware comes with a keylogger — software that can essentially send all your key presses to the attackers. A “clipper” module was also discovered in the extension, which allows the PC to access copied passwords or credit cards.

“Layer 7 attacks are usually very hard to detect because the TCP connection looks very similar to legitimate requests,” Zimperium stated. “The developer is likely using this botnet to provide a service to perform DDOS.”

Another way the threat actors behind Cloud9 generate even more illicit income is by injecting advertisements and then loading these webpages in the background to accrue ad impressions.

With Cloud9 being spotted on cybercrime forums, the operators could be selling its malicious extension to interested parties. With this in mind, always double-check if you’re installing anything on your browser from an unofficial source and enable two-factor authentication where possible.

Zak Islam
Former Contributor
Zak covers the latest news in the technology world, particularly the computing field. A fan of anything pertaining to tech…
Apple’s M6 chip isn’t even here yet, but you’ll see M7 Macs early in 2027
Apple is reportedly already accelerating its next-generation silicon roadmap, even before the M6 has launched.
Apple MacBook

The M6 chip is still expected to debut later this year, but Apple may already be preparing for what comes next. According to Mark Gurman's latest report for Bloomberg, the company is aiming to introduce its first M7-powered devices as early as the first half of 2027, hinting at a much faster silicon refresh than many expected.

M7 could arrive alongside new Macs and iPads

Read more
The entry-level MacBook Pro could get a design refresh in 2027, and it’s about time
Five years on the same chassis, and now both tiers of the MacBook Pro are getting a new look at once.
MacBook Pro in space grey sitting on a desk.

Apple has a new MacBook Pro lined up for launch early next year, according to Bloomberg. The company will introduce a 14-inch laptop in the first half of 2027. 

The biggest surprise, however, will be a brand-new design language. The outlet describes it as "a revamped entry-level MacBook Pro, code-named K104."

Read more
Study finds humans will talk to AI ghosts of the dead as reincarnations, and it’s pretty grim
The first AI ghost study is in. The results are about as complicated as you'd expect.
VR Headset, Person, Face

A new study from the University of Colorado Boulder confirms something that sounds both impressive and concerning. People find interacting with AI simulations of their dead loved ones deeply meaningful, and most will come away wanting to do it again.

The researchers call it a "generative ghost," which is a clear reference to generative AI, but I’d still prefer to call it unsettling.

Read more