By Ionut Arghire on January 15, 2018 Four malicious Chrome extensions managed to infect over half a million users worldwide, including employees of major organizations, ICEBRG reports.
The extensions were likely used to conduct click fraud and/or search engine optimization (SEO) manipulation, but they could have also been used by threat actors to gain access to corporate networks and user information, the security company warns.
The malicious extensions were discovered after observing an unusual spike in outbound traffic volume from a customer workstation to a European VPS provider, ICEBRG reveals. The HTTP traffic was associated with the domain ‘change-request[.]info’ and was generated from a Chrome extension named Change HTTP Request Header.
Full Article.
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.