Trojan-like Chrome Extension Steals Bank Account Data

Visiting Google, Apple, Amazon or other legitimate online markets for downloading software content are, at best, safe. But although they are official sources we’ve come to fully accept and familiarize about, these are things which aren’t 100% safe.

Take for example, a recent Google Chrome Extension called “Desbloquear Conteúdo” (Portuguese for “Unblock contents”), masquerades as a trusted browser extension, but is actually a malicious phishing application. How it works: The phishing applications secretly modify its victim’s DNS settings or hosts file to re-direct web traffic to a spoof web site. The unfortunate victim, mistakenly believing that nothing has been changed, will continue and enter his/her personal data upon a fake login page.

What’s been cunningly deceptive about this recent malware extension is that it uses screen overlay to perfectly imitate any bank’s site interface, only replacing the login box to which unsuspecting victims will most likely input their sensitive credentials.

Google Chrome was notified about it and addressed the situation as soon as possible. It turns out the IP Address the malicious malware used is identical to another blacklisted phishing domain, which was being monitored as of late. All the same, it already is enough evidence from Google’s part.

What’s our take on this:

* There is never a fully secured web store. Chances are, though small, there are questionable software posted at trusted online markets as well (like the one we’ve discussed about.)

* Understand the risks when trusting third-party applications.

* Knowing this, only allow third-party web extensions that’re reviewed thoroughly and is being advertised by the browser you’re using. There’s less chance a malware would get that kind of exposure/recognition.

* Consider availing real time internet security services from your security provider. It usually gives out ratings to sites and applications, which lessens the chance of committing online mistakes.

About the author

3 Responses

Leave a Reply