Security researchers have warned that the ChromeLoader browser hijacker could provide a gateway into bigger threats, such as the capability to spread ransomware, spyware, and steal data from browser sessions. Researchers state that the malware’s use of PowerShell could further this malicious activity, transforming it from a run-of-the-mill browser hijacker to a far more advanced malicious tool. Researchers warned that the ChromeLoader has seen a resurgence in activity recently, although it is unknown why. The browser hijacker is being used to pose a more sophisticated threat when compared to other malvertisers, according to security organizations Malwarebytes Labs and Red Canary.
ChromeLoader eventually manifests as a browser extension, which goes in and modifies users settings in Chrome. In addition, it redirects user traffic to advertisement websites. On Windows machines, the ChromeLoader infects victims through ISO files that masquerade as a cracked video game or pirated films or TV programs, according to researchers. Due to the fact that the ChromeLoader is platform agnostic, those using macOS should be wary of DMG files hiding the malicious content.
Read More: ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats