Tag Archive for: Chrome

Magniber ransomware being spread in the guise of a legit Microsoft Edge and Google Chrome update


, , , , , ,

search relation.

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

 

Source…

DO NOT download this Chrome, Microsoft Edge update! Your PC will be in trouble


Chrome and Microsoft Edge users should avoid downloading updates from malicious websites, since a Magniber ransomware is widely spreading.

Do you see a update notification on your Google Chrome browser asking to download an update? If yes, close the page immediately and do not hit the download key. A new ransomware is widely spreading via malicious websites and it could make all data on your computer useless, unless you pay a ransom. The issue is also present on Microsoft Edge browser, given that it uses the same Chromium codes.

In a report from GBhackers.com, it is said that infamous Magniber ransomware is back. This one had a reputation for using the old Internet Explorer browser as its media to target innocent people. Now, the attackers are using Microsoft Edge and Google Chrome to do the same.

Magniber ransomware is back

The ransomware works the same way as it used to previously, except for the fact that it now works on Chrome and Edge browsers. The malware is often distributed through fake webpages pretending to offer a new update for your Chrome or Edge browser. Once the user click on “Update Chrome” or “Update Edge” buttons, the page downloads a browser extension of the .appx type.

Once the extension is installed, the program is executed in the background and the inevitable happens. The malicious files start encrypting the files on your Windows system in the background, without letting you have any idea about it.

Once the malicious encryption is finished, the program will throw up a Notepad document that contains the ransom note. You won’t eb able to access the files on your computer after this and the only way to get it back is by paying the ransom. The ransomware also makes victims download the Tor browser for the process.

How to avoid this ransomware

There are some common things to note in order to stay safe from such ransomware in the future.

– Never download any “update packages” for your Chrome or Edge browser from other websites. Chrome and Edge can download their updated from the servers automatically, hence, there’s no need for manual updating. Hackers often lure you into downloading an update…

Source…

Experts warn against storing passwords in Chrome


Hackers are preying on people working from home for passwords stored in web browsers, experts claim.

Keeping passwords saved in the likes of Chrome and Edge are pretty common practice and usually considered quite safe.

They are designed to take the hassle out of remembering login details for every site you use.

But now IT researchers are cautioning against using such features in any browser over a recent security breach that compromised a company.

Bad actors appear to be exploiting the fact office workers in the UK and US are being forced to work from home amid the ongoing coronavirus pandemic.

According to security experts AhnLab, an employee working remotely fell victim as they used a VPN to access their company’s network.

The person was innocently doing their job on a device shared with others they live with, unaware it was already infected with a nasty piece of info-stealing malware called Redline Stealer.

This led to sensitive account details and passwords from various sites being stolen, including information to access the company’s VPN.

Hackers then used it to login and pry on the private business data three months later.

And worse still, the computer had antivirus software installed but the malware was able to get around it.

“Although the account credentials storing feature of browsers is very convenient, as there is a risk of leakage of account credentials upon malware infection, users are recommended to refrain from using it and only use programs from clear sources,” AhnLab said.

Hackers have been reportedly been targeting people who work at home due to the COVID-19 pandemic.
Hackers have been reportedly targeting people who work at home due to the COVID-19 pandemic.
Shutterstock

Redline Stealer is pretty cheap and easy to get hold of on the dark web, which means it’s hard to trace the incident back to a specific group.

It costs as little as $150 to get hold off.

The malicious tool first appeared in March 2020, right as the pandemic began to spread.

It comes amid a huge spike in scams over the course of COVID-19’s unwelcome arrival.

Millions were targeted by COVID Pass scams conning people out of money and sensitive data, while phony jabs have also been rife.

Source…

Experts warn AGAINST storing passwords in Chrome after hackers target homeworkers


HACKERS are preying on people working from home for passwords stored in web browsers, experts claim.

Keeping passwords saved in the likes of Chrome and Edge are pretty common practice and usually considered quite safe.

A worker was unaware the computer they were using to work was already infested with malware

2

A worker was unaware the computer they were using to work was already infested with malwareCredit: Getty

They are designed to take the hassle out of remembering login details for every site you use.

But now IT researchers are cautioning against using such features in any browser over a recent security breach that compromised a company.

Bad actors appear to be exploiting the fact office workers in the UK and US are being forced to work from home amid the ongoing coronavirus pandemic.

According to security experts AhnLab, an employee working remotely fell victim as they used a VPN to access their company’s network.

The person was innocently doing their job on a device shared with others they live with, unaware it was already infected with a nasty piece of infostealing malware called Redline Stealer.

This led to sensitive account details and passwords from various sites being stolen, including information to access the company’s VPN.

Hackers then used it to login and pry on the private business data three months later.

And worse still, the computer had antivirus software installed but the malware was able to get around it.

“Although the account credentials storing feature of browsers is very convenient, as there is a risk of leakage of account credentials upon malware infection, users are recommended to refrain from using it and only use programs from clear sources,” AhnLab said.

Redline Stealer is pretty cheap and easy to get hold of on the dark web, which means it’s hard to trace the incident back to a specific group.

It costs as little as $150/£111 to get hold off.

The malicious tool first appeared in March 2020, right as the pandemic began to spread.

It comes amid a huge spike in scams over the course of COVID-19’s unwelcome arrival.

Millions were targeted by Covid Pass scams conning people out of money and sensitive data, while phony jabs have also been rife.

The pandemic has been the perfect opportunity for hackers to exploit people stuck indoors

2

The pandemic has been the perfect opportunity for hackers to exploit people stuck indoorsCredit: Alamy

Source…