RATE Group | Bitcoin hijackers found at least one sucker for scam Chrome extension • The Register
25020
post-template-default,single,single-post,postid-25020,single-format-standard,ajax_fade,page_not_loaded,,qode_grid_1300,side_area_uncovered_from_content,footer_responsive_adv,qode-content-sidebar-responsive,qode-child-theme-ver-1.0.0,qode-theme-ver-13.3,qode-theme-bridge,wpb-js-composer js-comp-ver-7.9,vc_responsive
 

Bitcoin hijackers found at least one sucker for scam Chrome extension • The Register

01 May Bitcoin hijackers found at least one sucker for scam Chrome extension • The Register

Posted at 06:12h in Bitcoin News by

[ad_1]

Security researchers have caught a Bitcoin-hijacking Chrome extension that only managed to grab one BitCoin transaction before being exposed.

Trend Micro researchers said the malicious extensions used an attack technique that first emerged last year, dubbed FacexWorm, and added that they noticed re-emerging activity earlier this month.

FacexWorm propagates in malicious Facebook Messenger messages, the company said, and only attacks Chrome; if another browser is detected, the user is directed to an innocuous advertisement.

Victims were tricked into installing the malicious extension as a codec extension, offered when they clicked a Facebook Messenger link to a YouTube video.

“FacexWorm is a clone of a normal Chrome extension but injected with short code containing its main routine,” the post said. “It downloads additional JavaScript code from the C&C server when the browser is…

[ad_2]

Article Source

Tags:
, , , , , ,