Protect Your Data: Malicious Browser Extensions Infecting Chrome and Edge
According to the latest reports, hackers are leveraging malicious browser extensions to target Google Chrome and Microsoft Edge users nowadays. They have been deploying dangerous malware that compromises personal data and leaves systems vulnerable to further attacks. This malware campaign, active since 2021, has trapped at least 300,000 users to date.
What sets this malware apart is its capability to gain persistence on vulnerable PCs. Even if you manage to delete the malicious extension, the malware will reactivate itself the next time your computer is restarted. Isnโt it shocking? It is quite crucial to entirely cleanse your system to protect your data.
The Malvertising Menace
The hackers have used malvertising tactics, using fake sites that imitate popular software and services such as Roblox FPS Unlocker, YouTube, VLC media player, Steam, or Keepass. So, you need to be vigilant while downloading any software or extension. Otherwise, you may be tricked into installing a trojan that sets the stage for the malware attack.
Additionally, the campaign employs digitally signed malicious installers that register a planned task on vulnerable PCs. This task executes a PowerShell script, downloading and executing further payloads from a hacker-controlled server. These payloads alter the Windows Registry, pushing the installation of Chrome and Edge extensions used for ad fraud by hijacking web searches on Google and Bing.
Steps to Remove the Malware
1. Remove the Scheduled Task:
- Open the Task Scheduler by searching for it in the Start Menu.
- Click on the Task Scheduler Library, and identify the malicious task by checking the Actions tab for a PowerShell script or a file ending with โ.ps1.โ
- Once found, right-click on the task name and select Delete.
2. Edit the Registry Keys:
- Open the Registry Editor by searching for it in the Start Menu.
- Navigate to โComputer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelistโ and delete the suspicious extensions.
- Repeat the process for โComputer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Google\Chrome\ExtensionInstallForcelistโ and the corresponding Edge path.
Antivirus Software: Your Best Defense
The manual removal is also possible. For that purpose, you need to use the best antivirus software solutions for thorough and safe removal. Try to download new software or browser extensions from the official Chrome Web Store or Microsoft Edge Add-on Store to mitigate the risk of malware infections.
By following these steps, you can protect your personal data and maintain a secure browsing experience.
Check Out: Fiverr Puts Pakistani Freelancers As Unavailable Amid Internet Disruptions โ PhoneWorld
PTA Taxes Portal
Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal
Explore NowFollow us on Google News!