Cybersecurity researchers from Trustwave SpiderLabs have discovered a new strain of malware that targets victims’ cryptocurrency wallets.

Dubbed Rilide, the malware poses as an extension for Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, or Opera.

The malware poses as a legitimate extension for Google Drive. Once installed on an endpoint, it can monitor the user’s browsing history, grab screenshots, and even inject malicious scripts that withdraw all of the money they hold on cryptocurrency exchanges.
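For defenders, the combination of capabilities described above can be triaged from installed extension manifests. The following is an added example, not code from the article or from Trustwave; the permission mapping, function names and sample manifests are assumptions made for illustration.

```python
import json
from pathlib import Path

# Assumed mapping from the capabilities described above to Chromium extension
# permissions. A triage heuristic only; this is not Rilide's actual manifest.
CAPABILITIES = {
    "browsing history": {"history", "tabs", "webNavigation"},
    "screenshots": {"<all_urls>", "activeTab", "tabCapture", "desktopCapture"},
    "script injection": {"scripting", "debugger"},
}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_manifest(manifest: dict) -> dict:
    """Summarise what an extension manifest (V2 or V3) lets the extension do."""
    perms = {p for p in manifest.get("permissions", []) if isinstance(p, str)}
    hosts = set(manifest.get("host_permissions", []))  # Manifest V3
    hosts |= {p for p in perms if "://" in p or p == "<all_urls>"}  # Manifest V2
    scripts = manifest.get("content_scripts", [])
    hosts |= {m for cs in scripts for m in cs.get("matches", [])}
    granted = {c for c, need in CAPABILITIES.items() if need & (perms | hosts)}
    if scripts:
        granted.add("script injection")  # content scripts run inside matched pages
    broad = bool(hosts & BROAD_HOSTS)
    return {
        "name": manifest.get("name", "?"),
        "capabilities": sorted(granted),
        "broad_hosts": broad,
        # Worth a manual look: all three capabilities, applied to every site.
        "review": broad and len(granted) == len(CAPABILITIES),
    }

def scan_extensions(ext_dir: Path) -> list:
    """Audit each <id>/<version>/manifest.json under a profile's Extensions dir."""
    flagged = []
    for path in sorted(ext_dir.glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        result = audit_manifest(manifest)
        if result["review"]:
            flagged.append({"id": path.parts[-3], **result})
    return flagged

# Constructed sample manifests (not taken from any real extension).
SAMPLE_BROAD = {"name": "Drive helper (constructed)", "host_permissions": ["<all_urls>"],
                "permissions": ["history", "scripting", "tabs"]}
SAMPLE_NARROW = {"name": "Notes (constructed)", "permissions": ["storage"],
                 "host_permissions": ["https://notes.example/*"]}
```

Point `scan_extensions` at the `Extensions` folder of a browser profile; a flagged entry is a prompt for manual review, since many legitimate extensions request the same permissions.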

Forged dialogs

What makes this malware unique is its use of “forged dialogs” to trick people into giving away their multi-factor authentication keys, after which it withdraws cryptocurrency while operating in the background. If the malware spots that the user has an account on a cryptocurrency exchange, it will try to make a withdrawal request in the background while presenting the user with a forged device authentication dialog to get the 2FA code.

Cryptocurrency exchanges usually also notify users of withdrawal requests via email, which this malware also tries to hide. These email confirmations get replaced “on the fly”, the researchers said, as long as the user opens the mailbox in the same web browser. The request email is replaced with a device authorization request, tricking the victim into giving away the 2FA code.

For the researchers, the Rilide stealer is a “prime example” of how malicious browser extensions are getting more sophisticated and more dangerous. Both businesses and consumers need to remain vigilant at a time when too much information can dull our senses, the researchers conclude. Not all identities on the internet are legitimate:

“Informational overload can dull our ability to interpret facts accurately and make us more vulnerable to phishing attempts. It is important to remain vigilant and skeptical when receiving unsolicited emails or messages, and to never assume that any content on the Internet is safe, even if it appears to be.”
