Anti-virus and trusted accounts not enough to avoid Chrome extension malware

A piece of banking malware discovered hiding behind a Chrome extension on Google’s Chrome Web Store for the second time in almost as many weeks is just the latest to slip through in recent months. A number of nefarious applications have been infecting systems all over the world using the download platform, and many have been able to evade the most commonly used anti-malware solutions.

While some anti-virus solutions are of course better than others, sometimes a piece of malware is so sophisticated that it is able to avoid detection by them all. This latest trojan was discovered on the Chrome Web Store, where it masquerades as the “Interface Online” extension. It avoided detection by the 58 most common anti-virus applications.

Indeed it was so difficult to detect that even though it was removed just over two weeks ago from the Chrome Web Store, it was re-uploaded and made available again very recently, prompting the need for another user-report to bring it down. Discovered twice by the chief research officer at Morphus Labs, Renato Marinho (thanks Ars), the extension received upwards of 50 downloads during its tenure on the extension download platform.

The malware, in this case, was a data-gathering tool designed to allow further exploitation of its victims. After capturing form login information from the user, the malware transfers that data to a server controlled by the attackers, who can then use it to profile their victim. They then use that information to go after those who have financial control over the company they work for.

In targeted attacks, they call them up and use a combination of social engineering and phishing to have them give the attacker further access to financial information, which can result in banking theft.

As Ars points out, as problematic as this was, it’s just a symptom of a common problem affecting the extension store. Several Chrome extensions hosted on the Web Store have been discovered over the past year to contain malicious code, in some cases following the hijacking of legitimate developer accounts, making it very hard to know which extensions you can trust.

Although downloading software only from vetted sources is a great way to avoid being hit with malware, when the authors behind the malware are able to have it hosted on services like the Chrome Web Store, it becomes very hard to avoid. That goes double for malware that is distributed under trusted developer accounts which have been compromised.

Marinho recommends that Google enable two-factor authentication for accounts on its Web Store to limit this problem, and encourage developer practices that limit extensions’ access to passwords and other credentials.
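As an added example (not from the article, Ars or Morphus Labs), the following check reviews an extension's `manifest.json` for the kind of access that lets an extension read form fields on any site, which is the access the recommendation above asks developers to limit. The two manifests are constructed samples, and the list of sensitive API permissions is an assumed review policy, not an official one.

```python
import json

# API permissions that expose traffic, cookies or page content across sites.
SENSITIVE_APIS = {"webRequest", "webRequestBlocking", "cookies", "tabs",
                  "scripting", "debugger", "clipboardRead"}

def is_broad(pattern):
    """True if a match pattern covers every host instead of a named site."""
    if pattern == "<all_urls>":
        return True
    _scheme, sep, rest = pattern.partition("://")
    return bool(sep) and rest.split("/", 1)[0] == "*"

def audit_manifest(manifest):
    """Return (severity, finding) tuples for one parsed manifest.json."""
    findings = []
    perms = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
    # Manifest V2 lists host patterns under "permissions"; V3 uses "host_permissions".
    hosts = [p for p in perms if p == "<all_urls>" or "://" in p]
    hosts += manifest.get("host_permissions", [])
    for h in hosts:
        if is_broad(h):
            findings.append(("high", f"host access to every site: {h}"))
    for cs in manifest.get("content_scripts", []):
        broad = [m for m in cs.get("matches", []) if is_broad(m)]
        if broad:  # a script injected everywhere can read any login form's fields
            scripts = ",".join(cs.get("js", []))
            findings.append(("high", f"content script {scripts} runs on every page"))
    for api in perms:
        if api in SENSITIVE_APIS:
            findings.append(("medium", f"sensitive API permission: {api}"))
    return findings

# Constructed sample manifests, not taken from any real extension.
BROAD = json.loads("""{"manifest_version": 2, "name": "Sample broad extension",
  "permissions": ["tabs", "webRequest", "<all_urls>"],
  "content_scripts": [{"matches": ["*://*/*"], "js": ["content.js"]}]}""")
SCOPED = json.loads("""{"manifest_version": 3, "name": "Sample scoped extension",
  "permissions": ["storage"],
  "host_permissions": ["https://intranet.example.com/*"],
  "content_scripts": [{"matches": ["https://intranet.example.com/*"],
                       "js": ["content.js"]}]}""")

if __name__ == "__main__":
    for name, m in (("broad", BROAD), ("scoped", SCOPED)):
        print(name, audit_manifest(m))
```

A clean result only means the manifest does not request site-wide access; it says nothing about what the extension's code does on the sites it is allowed to reach.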

