Trojan poses as Google Chrome extension
Cybercrooks start to target Google's browser
Miscreants have created a Trojan that poses as a Google Chrome extension.
Spammed messages attempt to dupe prospective marks into trying an add-on that "helps you better organise your documents received in your email".
Interested parties are pointed towards a counterfeit Google Chrome Extensions page, which offers a malware executable.
More observant punters will notice that the download is offered in an .exe file and not a .crx Google Chrome extension. Such markers are easily missed, however.
The Trojan horse malware on offer (identified by Romanian security firm BitDefender as the Agent-20577) blocks access to Google and Yahoo webpages. Attempts to reach these sites on infected machines are hijacked and redirected to counterfeit sites. Such trickery is commonly a prelude to either phishing attacks or a technique by the hackers behind the trick to gain affiliate income from scareware slingers or other undesirables.
The appearance of the attack shows that cybercrooks have begun targeting Google Chrome users, something that only tends to happen when a product or service becomes widely used among end users and is therefore a compliment (of sorts) to the success of Google's browser technology.
More on the threat can be found in a write-up, containing screen shots, by BitDefender here. ®