CryptBot malware is wreaking havoc on the Chrome browser, stealing sensitive data from thousands of users. Google has just obtained a court order that will allow it to remove current and future domains related to its distribution.
Computer attacks are legion on the most popular browser in the world. A few days ago, we reported to you about fake Google Chrome updates infected with malware. On the alert in the face of threats, Google has just obtained an interim order from a US court. Which will allow him to undermine the spread of a particularly hostile malicious program.
Google Chrome: what sensitive data is stolen by the CryptBot malware?
Called Cryptbot, it is able to identify and steal sensitive data from the computers of Google Chrome users. Passwords and authentication credentials, social media accounts, cryptocurrency wallets… In 2022 alone, CryptBot is estimated to have infected over 670,000 computers.
Once intercepted, the collected data is sold to other hackers who use it in data breach campaigns. CryptBot was first discovered in December 2019. The malware hides behind modified versions of legitimate software like Google Chrome or Google Earth Pro hosted on fraudulent sites.
Read > Chrome: Google fixes yet another security flaw, update your browser quickly
The main CryptBot distributors are suspected of exploiting a “global criminal enterprise” based in Pakistan. Google plans to use the court order, granted by a federal judge in the Southern District of New York, to “remove current and future domains related to CryptBot distribution”, thus limiting the spread of new infections.
To avoid getting infected, only download software from genuine and trusted sources. Keep your apps and operating systems up to date as well. On Chrome, beware of fake extensions that try to steal your credentials.
