Multiple attacker groups are using a malicious browser extension for Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera that’s aimed at stealing cryptocurrency assets from multiple websites and online wallets. The extension works by injecting rogue code into websites locally in the browser to defeat two-factor authentication and delete automated alerts from mailboxes.
“Rilide is not the first malware SpiderLabs has observed using malicious browser extensions,” researchers from Trustwave SpiderLabs said in a report. “Where this malware differs is it has the effective and rarely used ability to utilize forged dialogs to deceive users into revealing their two-factor authentication (2FA) and then withdraw cryptocurrencies in the background. During our investigation into Rilide’s origins, we uncovered similar browser extensions being advertised for sale. Additionally, we found that part of its source code was recently leaked on an underground forum due to a payment dispute.”
More Stories
NVD Revamps Operations as Vulnerability Reporting Surges
The NVD program manager has announced undergoing process improvements to catch up with its growing vulnerability backlog Read More
Friday Squid Blogging: Squid and Efficient Solar Tech
Researchers are trying to use squid color-changing biochemistry for solar tech. This appears to be new and related research to...
Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today
Experts at the Google Cloud Next event set out how security teams need to adapt their focuses in the wake...
AI Vulnerability Finding
Microsoft is reporting that its AI systems are able to find new vulnerabilities in source code: Microsoft discovered eleven vulnerabilities...
Ransomware reaches a record high, but payouts are dwindling
Will you be shedding a tear for the cybercriminals? Read more in my article on the Tripwire blog. Read More
Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems
Rockwell Automation, Hitachi Energy and Inaba Denki Sangyo have products affected by critical vulnerabilities carrying severity ratings as high as...