Rilide masquerades as a legitimate Google Drive extension and lets its operators carry out a range of actions in the victim's browser, including collecting browsing history, taking screenshots, and withdrawing funds from various cryptocurrency exchanges.
Highlights
- Rilide is a new strain of malware that targets Chromium-based browsers like Google Chrome, Microsoft Edge, Brave, and Opera and steals users’ cryptocurrencies.
- It uses forged dialogs to trick users into revealing their two-factor authentication (2FA) codes.
- The malware's background script attaches a listener to certain request events and strips the Content-Security-Policy (CSP) header from every response. Without the policy in place, the extension can inject its own scripts and load external resources that the page's CSP would otherwise have blocked.
- Researchers uncovered two malicious campaigns that lead to the installation of the malware.
- They also found an advertisement posted on an underground forum in March 2022 offering a botnet for sale, whose advertised features included a reverse proxy and an ad clicker.
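The CSP-stripping step in the highlights above is the one a defender can most usefully reason about, so here is an added example (not Rilide's code, and not from the original article). The `stripCsp` function reproduces the behaviour described, a blocking `onHeadersReceived`-style handler that drops the CSP from every response; the two checks after it are defensive helpers. The header shape (`{name, value}` objects) follows the `chrome.webRequest` API; the manifest, the response, the listener registration shown in a comment, and the `exchange.example` host are all constructed assumptions.

```javascript
// Added example, not Rilide's own code. stripCsp reproduces the behaviour
// the write-up describes (a blocking onHeadersReceived handler that drops
// the CSP on every response); manifestCanStripCsp and cspTampering are
// defensive checks. Header objects use the chrome.webRequest shape
// ({name, value}); the manifest and response samples are constructed.

const CSP_HEADER_NAMES = new Set([
  "content-security-policy",
  "content-security-policy-report-only",
]);

function isCspHeader(header) {
  return CSP_HEADER_NAMES.has(header.name.toLowerCase());
}

// Stand-in for the malicious listener: returning a filtered responseHeaders
// array from a blocking onHeadersReceived handler makes Chromium apply the
// response without its CSP, so injected inline code and third-party
// resources the policy would have refused now load. Registration in a
// Manifest V2 extension would look like this (assumed shape, not from the page):
//   chrome.webRequest.onHeadersReceived.addListener(
//     stripCsp, { urls: ["<all_urls>"] }, ["blocking", "responseHeaders"]);
function stripCsp(details) {
  return { responseHeaders: details.responseHeaders.filter((h) => !isCspHeader(h)) };
}

// Check 1 (manifest triage): an MV2 extension can only do the above with
// webRequest + webRequestBlocking and a host permission covering every URL.
function manifestCanStripCsp(manifest) {
  const perms = new Set(manifest.permissions || []);
  const hosts = [...perms, ...(manifest.host_permissions || [])];
  const everyUrl = hosts.some((p) => p === "<all_urls>" || p === "*://*/*");
  return perms.has("webRequest") && perms.has("webRequestBlocking") && everyUrl;
}

// Check 2 (tamper detection): parse a CSP value into its directives and
// compare what the server sent with what the page actually received.
function parseCsp(value) {
  const directives = {};
  for (const part of value.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length) directives[tokens[0].toLowerCase()] = tokens.slice(1);
  }
  return directives;
}

function cspTampering(sentHeaders, receivedHeaders) {
  const find = (headers) => {
    const h = headers.find(isCspHeader);
    return h ? h.value : null;
  };
  const sent = find(sentHeaders);
  const received = find(receivedHeaders);
  if (sent === null) return { tampered: false, missing: [] };
  const expected = Object.keys(parseCsp(sent));
  if (received === null) return { tampered: true, missing: expected };
  const got = parseCsp(received);
  const missing = expected.filter((d) => !(d in got));
  return { tampered: missing.length > 0, missing };
}

// Constructed samples (not taken from any real extension or site).
const SAMPLE_MANIFEST = {
  manifest_version: 2,
  name: "Google Drive", // the lure name the write-up mentions
  permissions: ["webRequest", "webRequestBlocking", "<all_urls>", "tabs"],
  background: { scripts: ["background.js"] },
};

const SAMPLE_RESPONSE = {
  url: "https://exchange.example/wallet",
  responseHeaders: [
    { name: "Content-Type", value: "text/html; charset=utf-8" },
    {
      name: "Content-Security-Policy",
      value: "default-src 'self'; script-src 'self' https://static.exchange.example; frame-ancestors 'none'",
    },
  ],
};

// Run the malicious transform on the sample, then ask both checks about it.
function demo() {
  const stripped = stripCsp(SAMPLE_RESPONSE);
  return {
    manifestSuspicious: manifestCanStripCsp(SAMPLE_MANIFEST),
    report: cspTampering(SAMPLE_RESPONSE.responseHeaders, stripped.responseHeaders),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The manifest check is a coarse triage signal: plenty of legitimate ad blockers request the same permission set, so treat a hit as a reason to read the background script, not as a verdict. The tamper check is the stronger signal, since a response whose CSP the server sent but the renderer never saw has been modified in the browser; a content script or DevTools comparison against the raw response is enough to run it. On Manifest V3 the blocking `webRequest` listener is unavailable to ordinary extensions, but `declarativeNetRequest` rules can still remove response headers, so the manifest check would need to look at that permission and the bundled rule set as well.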