Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Cyber-Crooks Continue to Misguide Users with Forbidden Chrome Extensions

In spite of Google declaring about its prohibition of those extensions of Chrome which aren't listed in its Web-store, online miscreants keep on luring end-users pledging the provision of those very components, according to Trend Micro the security company.

Cyber-criminals use the largely-accessed sources of communication for serving malicious software, and one of them is Facebook Messenger. Through this medium, messages supposedly arrive from close acquaintances directing the recipient that he should browse for a web-page asserting there will be attractive video content in it.

According to Trend Micro's Fraud Analyst Christopher Talampas, he got one such missive, while going to the online site he discovered certain web-page resembling Facebook's design as well as one online video player, which asserted as offering certain YouTube content, thus reported softpedia.com, May 27, 2015.

The above is enough evidence of a deceitful trap as Fecebook's video player doesn't look like any of YouTube.

But, Talampas continued to browse the web-page while pulled down one automatically served file known as "Chrome_Video_installer.scr, actually a malicious executable whose name gives it an appearance of a harmless extension of Chrome browser essential for running the video.

Researchers detect this automatically served file to be TROJ_KILIM.EFLD that tries pulling down a separate file perhaps the last malware. Nevertheless, users require noting that variants of KILIM malicious program are actually malevolent plug-ins and extensions of Chrome. These variants as well spam out messages from Facebook that infect systems.

When such an assault takes place, victims become so duped that they follow the web-link due to factors like the sender of the message is some friend from Facebook and not any unknown person, while the same name of the recipient is used as addressee that he posted to his Facebook account and finally the message is very informally written inducing the victim towards reading it.

In addition, a condensed web-link in the message too makes the lure obfuscated.

Meanwhile, there has been deactivation of the fraudulent website.

According to Talampas, 36% of people visiting Facebook's particular fraudulent web-page are based at the Philippines, while 5% are based within USA. Scmagazine.com reported this, May 27, 2015.

ยป SPAMfighter News - 6/5/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page