- Amherst woman bilked $10,000 in Plenty of Fish scam, according to police
- Ottawa man is facing a slew of sex assault, fraud charges as police link the arrest to fake Uber driver
- RCMP link Ontario man to LeakedSource.com, home of 3 billion hacked accounts
- Law Society of Ontario tribunal finds lawyer guilty of professional misconduct, misappropriation of funds.
- Trial for Peterborough couple charged with fraud begins after three years
A new google chrome extension, using email and the private messaging service WhatsApp to steal everything from your user data to credit credit card numbers.
Following a photo link, the victim is duped into downloading “whatsapp.exe,” which is essentially the malware dropper file.
Once downloaded and opened, a fake Adobe Reader install wizard prompts the victim to specific files full of malware.
Notably, the malware attempts to disable Windows firewall and disable multiple roadblocks that could prevent the malicious code from executing itself.
While most malicious extensions are rigged do one thing or another, “Catch-All” tries to get its mitts on any piece of data it can, including banking information.
Malicious Chrome extensions seem to be on the rise, as of late. Just last week, a software engineer discovered a Google Chrome URL shortening extension carrying a hidden cryptocurrency miner. A month earlier, torrent site The Pirate Bay was found engaging in a similar practice, allegedly as part of a test pilot program to monetize the site without having to display annoying ads.
Read the full story over at Bitfender.