#chromeloader — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #chromeloader, aggregated by home.social.

  1. Cyber Security Updates
    Malware Loaders Responsible for 80% of Security Incidents
    Dealing with malware loaders poses intricate challenges for SOC teams.

    A recent exploration by ReliaQuest has unveiled a multitude of disruptive loader instances. Notably, the trio comprised of “QakBot” (also recognized as QBot, QuackBot, Pinkslipbot), “SocGholish,” and “Raspberry Robin” emerged as the predominant culprits.

    #QakBot #Gootloader #Guloader #Ursnif #Chromeloader #ACCESSYSTEM

  2. Sophos MDR has observed quite the uptick in #chromeloader infections. We found one instance where the infection stemmed from a fake YouTube Video Downloader site.

    🔎 Google search: download youtube video
    ➡️ User lands on hxxps://10downloader[.]com/en/51
    ➡️ User attempts to download a specific video
    ➡️ Redirection to hxxps://heinndoorh[.]com
    ➡️ Redirection to hxxps://llyighaboveth[.]com
    ➡️ Redirection to hxxps://adtwobrightsa.info/12557074
    ⬇️ Downloads the sample Your File Is Ready To Download.exe

    This often leads to the creation of a schtask such as \chrome display, \chrome disp, \chrome profile, and many more.

    Encoded powershell is invoked to create a registry key under HKCU:\Software\ with various paths such as:

    • AudioConverterStudio
    • FoxitSoftware
    • KCSoftwares
    • DTSoft
    • BinaryFortressSoftware

    #threatintel

  3. 📣 #ChromeLoader, which was formerly discovered lurking within fake #VPN and antivirus, has now expanded its reach to encompass well-known games and utility software.

    Read: hackread.com/roblox-nintendo-c

    #Security #Malware #Gaming #Roblox #Nintendo #cybersecurity

  4. Day 10 of #100DaysOfYara: MacOS Browser Hijacker Scripts 🍎
    🔗 github.com/colincowie/100DaysO

    Background on these MacOS malware scripts used by #ChromeLoader aka #ChoziosiLoader:
    📖 redcanary.com/blog/chromeloade
    📖 blogs.vmware.com/security/2022
    📖 th3protocol.com/2022/Choziosi-

    Today's rule did a nice job of detecting the historical ChromeLoader scripts. A more generic YARA rule for identifying .command script abuse would potentially be pretty interesting!

  5. A Chrome extension can route all browser traffic through unwanted servers and thereby siphon off data. ChromeLoader goes about this in a cunning way.
    Malicious browser extension: ChromeLoader arrives disguised as an ISO

  6. Tech Wrap-Up Week 21 2022. Teen online #privacy & #safety, #blockchain & #DeFi flaws, #ChromeLoader #malware surge, #Chrome sucks at blocking #phishing sites, #cybersecurity & #coding, #WordPress 6.0 released, glitchy #Mac apps, new features expected at #WWDC22, Chrome 102 released, and protecting your #privacy in #Windows, all in this week's wrap-up. techhelpkb.com/tech-wrap-up-we