If you come across a website asking you to download the latest Adobe Flash Player update, think twice as Zimperium cyber security researchers have discovered a new campaign to distribute a malicious browser add-on for Chromium-based browsers
Experts warn that the only thing you’ll download is a Cloud9 browser botnet that can do all sorts of nasty things via the Chromium browser (opens in a new tab).
According to their research, Cloud9 is an add-on that can perform various malicious activities such as stealing online accounts, logging keystrokes, silently loading ads, and using the browser in distributed denial of service (DDoS). (opens in a new tab)) attacks. If allowed, the add-on will also use various exploits to place additional malware on the targeted endpoint, becoming even more dangerous.
Keksec does it again
“Layer 7 attacks are usually very difficult to detect because a TCP connection looks very similar to legitimate requests,” Zimperium explained. “The developer is likely using this botnet to provide a DDOS execution service.”
Researchers believe that a group known as Keksec is behind the latest malware distribution campaign because it uses the same command and control (C2) servers that Keksec has used in the past. This would not be the first Keksec botnet as EnemyBot, Tsunamy, Gafgyt, DarkHTTP, DarkIRC and Necro have already developed it.
For this latest product, they don’t seem to be targeting anyone in particular as the victims are spread all over the world. Another possibility is that Keksec actually sells or rents the tool to other cyber criminals, hence the varied list of victims.
Response to findings regarding Hissing computerGoogle has warned users to always update their browsers to the latest version and use up-to-date security.
“Users can also better protect themselves from malicious executables and websites by turning on Enhanced Protection in Chrome’s privacy and security settings,” Google added. “Extended Protection automatically alerts you to potentially dangerous sites and downloads, and checks the safety of your downloads and alerts you when a file may be dangerous.”
By: Hissing computer (opens in a new tab)