Advisory |
Malware Intelligence |
Malware Type |
Trojan |
Threat level |
Medium |
Target |
Browser Extensions |
Malware capabilities:
- Produce log files for each time the victim clicks on a URL.
- Redirect the users to advertisements and phishing websites
- Steal personal data (birthday, email address, first sign-in time, last login time, device information, device name, operating system, browser details, IP address)
- Prevent detection even by skilled users in web development
Impacts
Technical Impact:
- Steal personal/ sensitive information
- Download further malware
- Control and monetize from browser traffic
Business Impact:
- Data leaks can have an adverse impact on the victims privacy.
List of infected extensions
| Direct Message for Instagram | Direct Message for Instagram |
| DM for Instagram | Invisible mode for Instagram Direct Message |
| Downloader for Instagram | Instagram Download Video & Image |
| App Phone for Instagram | App Phone for Instagram |
| Stories for Instagram | Universal Video Downloader |
| Video Downloader for FaceBook | Vimeo Video Downloader |
| Volume Controller | Zoomer for Instagram and FaceBook |
| VK UnBlock. Works fast. | Odnoklassniki UnBlock. Works quickly. |
| Upload photo to Instagram | Spotify Music Downloader |
| Stories for Instagram | Upload photo to Instagram |
| Pretty Kitty, The Cat Pet | Video Downloader for YouTube |
| SoundCloud Music Downloader | The New York Times News |
| Instagram App with Direct Message DM |
Mitigations
- Use real-time web page monitoring tools
- Use web-proxy filtering to block access of unwanted websites