Product: Huntress EDR
Environment: Google Chrome Web Browser
Summary: Our SOC built out new detections to catch a new variant of ChromeLoader.
Why am I seeing an uptick in reports for ChromeLoader?
Our SOC recently built new detections for new ChromeLoader variants. As a result, you may see more incident reports for ChromeLoader.
How does this occur, and what does it do?
ChromeLoader is spread through malicious advertisements and fake software updates. Once installed, it hijacks the user's browser by changing various settings, including search engines, in order to redirect users to malicious websites. The redirections can lead to data theft, phishing attacks, and installation of additional malware.
I received a report; what should I do?
We advise following the remediation steps included in the report from our SOC. This will remove the foothold put in place by ChromeLoader.
If you have any additional questions about the reports, please feel free to reach out to support.