If you usually install extensions Google Chromebe careful from now on. The cybersecurity firm ESET warned about a new digital threat: a malicious extension that, pretending to be a security tool, can steal your banking details and even empty your accounts.
According to We Live Security, The extension was identified as JS/Spy.Banker.CV and it is spreading mainly in Mexico, although cases have already been detected in other Latin American countries.
He malware is distributed through Fake emails that imitate well-known financial institutionsusing official logos and messages to deceive victims.
How it gets to your computer and what it does when installed
Through these fake emails, internet hackers warn you about a supposed “security update” and you are invited to open an attached compressed file.
Inside the file is hidden the fake extension, which once installed, masquerades as a legitimate protection tool. In this way, it analyzes user behavior and Detects when you visit a page related to banking or online payments.
The code of malware contains variables written in Portuguese, suggesting a possible origin in Brazilalthough its reach has expanded rapidly throughout the region.
Likewise, the malware modifies the website structure (DOM) to display fake forms that look identical to the real ones. The user enters their personal information, passwords and account numbers believing it is on the official sitebut in reality that data is sent to the cybercriminals’ servers.
Finally, you can alter transfer datareplacing account numbers or cryptocurrency addresses with those of the attackers.
How to protect yourself from a fake Google Chrome extension
- Check your extensions: go to Google Chrome settings and remove any extension you don’t recognize or that promises suspicious security features.
- Do not open compressed files received by emailespecially if they claim to come from banks or financial platforms.
- Update your browser and your antivirus
- Always check the sender address. Legitimate banks don’t send attachments or ask you to install extensions.
- Activate two-factor authentication on all your financial accounts to add an extra layer of security.
The post Fake Chrome extension steals money and banking details: how it operates appeared first on Veritas News.
