

Researchers noticed that several malicious websites were marketing cracked versions of famous games, including the following:

Numerous Websites Promoting Fake Game Cracks/Hacks

The shift from ISO to VHD files indicates that ChromeLoader has undergone another round of upgrades. Many of its new versions can invade both macOS and Windows devices. In May 2022, ChromeLoader malware was pushed into pirated games and QR codes.

Eventually, it evolved into a multi-faceted, potent threat capable of stealing sensitive user data, deploying ransomware, and dropping decompression bombs.

ChromeLoader can also conduct click fraud by leveraging browser extensions to monetize clicks.

“Disguising malware as game hacks and crack programs is a method employed by many threat actors,” researchers said in a blog post.

ChromeLoader, also known as ChromeBack and Choziosi, surfaced first as a browser-hijacking credential stealer in January 2022.

This campaign is dubbed uncommon due to the file type attackers have used to evade detection.

Hackers Using VHD Files As Popular Games Cracks

According to AhnLab researchers, the ChromeLoader malware campaign is distributed via VHD (virtual hard disk) files, which is an unusual choice because ISO optical disc image files are usually used in such campaigns. However, in this case, attackers have used VHD files, which are distributed with filenames that seem like cracks or hacks for Steam and Nintendo games. The objective is to modify browser settings by infecting web browsers, such as Google Chrome, and diverting traffic to bogus advertising websites. A VHD file can be easily mounted on a Windows device and works with most virtualization software as well.

One of the malicious websites (Screenshot credit: ASEC)

“When a VHD file is downloaded through this process, the user can easily mistake the malicious VHD file for a game-related program,” ASEC researchers said.
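An added example, not from ASEC or the original article: a triage helper that recognises VHD images by their 512-byte footer (the `conectix` cookie plus its checksum) rather than by file extension, and marks names containing lure words. The keyword list, function names and the sample footer builder are assumptions made for illustration.

```python
import struct
from pathlib import Path

FOOTER_SIZE = 512
COOKIE = b"conectix"                      # VHD footer magic
DISK_TYPES = {2: "fixed", 3: "dynamic", 4: "differencing"}
# Assumed lure keywords, based on the filenames the article describes.
LURE_WORDS = ("crack", "hack")


def parse_vhd_footer(footer: bytes):
    """Return the disk type name if `footer` is a valid VHD footer, else None."""
    if len(footer) != FOOTER_SIZE or footer[:8] != COOKIE:
        return None
    disk_type, stored = struct.unpack(">II", footer[60:68])
    # Checksum: one's complement of the byte sum with the checksum field zeroed.
    body = footer[:64] + b"\x00" * 4 + footer[68:]
    if (~sum(body)) & 0xFFFFFFFF != stored:
        return None
    return DISK_TYPES.get(disk_type, "unknown")


def triage(path: Path):
    """Classify one file by content, ignoring its extension."""
    size = path.stat().st_size
    if size < FOOTER_SIZE:
        return None
    with path.open("rb") as fh:
        fh.seek(size - FOOTER_SIZE)       # footer is the last 512 bytes
        kind = parse_vhd_footer(fh.read(FOOTER_SIZE))
    if kind is None:
        return None
    lure = any(w in path.name.lower() for w in LURE_WORDS)
    return {"file": path.name, "vhd_type": kind, "lure_name": lure}


def scan(directory: Path):
    """Return a triage record for every VHD image found in `directory`."""
    return [hit for p in sorted(directory.iterdir())
            if p.is_file() and (hit := triage(p))]


def build_sample_footer(disk_type=2):
    """Constructed footer for testing; not taken from any real sample."""
    f = bytearray(FOOTER_SIZE)
    f[:8] = COOKIE
    struct.pack_into(">I", f, 60, disk_type)
    struct.pack_into(">I", f, 64, (~sum(f)) & 0xFFFFFFFF)
    return bytes(f)
```

Pointing `scan()` at a downloads folder lists every VHD image regardless of how the file is named; records with `lure_name` set are the ones to review first.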

The cybersecurity researchers at AhnLab Security Emergency Response Center (ASEC) have discovered a new ChromeLoader malware campaign in which hackers managed to bypass antivirus programs and other cybersecurity mechanisms.

Learn more about the threat and how to protect your device from this malicious software. Beware of fake ROBLOX, Steam and Nintendo game cracks that may contain the ChromeLoader malware.
