Rilide Malware Targets Chromium-Based Browsers in New Attack

The Trustwave SpiderLabs Research team found Rilide, a new malware that targets Chromium-based browsers. The malware masquerades as a Google Drive extension and is designed to steal sensitive data and cryptocurrencies from victims. Once infected, the virus may do various harmful operations, such as monitoring browsing history, capturing screenshots, and inserting malicious scripts. Rilide can also display bogus dialogues to deceive the user into inputting a two-factor authentication code.

Trustwave states two Rilide campaigns are active, one involving the Ekipa trojan and the other utilizing the Aurora info stealer. The malware’s origins are unknown. However, the researchers discovered a March 2022 post on a cybercrime site in which a person is offering a botnet with comparable characteristics. Due to a disagreement, some of the malware’s source code was exposed to the web, allowing the researchers to access many GitHub repositories controlled by a person known as “gulantin.” Loaders for malicious extensions may be found in these repositories.

The Rilide malware is concerning since it disguises itself as safe-looking extensions, making it difficult to detect. It is also critical to exercise caution while downloading extensions and only from reputable sites. Users should also maintain their browsers and security software up to date to protect themselves from new attacks.

Trustwave researchers advise users to examine their browser extensions and uninstall any questionable ones. They also advise a system scan using an updated antivirus solution to identify any malware attack. To guard against cyberattacks, being aware and updated about emerging risks is critical.

Bhasker Das
Bhasker Das, with a master's in Cybersecurity, is a seasoned editor focusing on online security, privacy, and protection. When not decrypting the complexities of the cyber world, Anu indulges in his passion for chess, seeing parallels in strategy and foresight.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Exit mobile version