Trojan as Fake Google Chrome Extension

As more and more people are using Google Chrome and its functionalities to browse the net and to organize information, cybercriminals have set their minds on exploiting this environment to spread malware and steal users

The story is simple: Google Chrome users receive an unsolicited e-mail which announces that a new extension of their favorite browser has been developed to facilitate their access to documents from e-mails.

GCHExt spam mess

Fig. 1 The spam message used to popularize the malicious link

An apparently unsuspicious link is provided, and the recipients are advised to follow it in order to download the new extension.  Once they click the link, they are redirected to a look-alike of the Google Chrome Extensions page, which, instead of the promised extension, provides them with a fake application that infects their systems with malware.

Although the sham application has the same description as that of an original Google Chrome Extension, the first sign the more inquisitive users will get about it not being what they were looking for should be the fact that instead of the expected

About the author

Sabina DATCU

Sabina Datcu, PhD has background training in Applied Informatics and Statistics, Biology and Foreign Languages and Literatures. In 2003 she obtained a master degree in Systems Ecology and in 2009 a PhD degree in Applied Informatics and Statistics.
Since 2001, she was involved in University of Bucharest's FP 5 and FP6 European projects, as researcher in Information and Knowledge Management field.

In 2009, she joined the E-Threat Analysis and Communication Team at BitDefender as technology writer and researcher, and started to write a wide range of IT&C security-related content, from malware, spam and phishing alerts to technical whitepapers and press releases.