This Chrome extension lets hackers remotely seize your PC

Hackers are remotely using malicious Google Chrome extensions in an effort to steal sensitive information.

As reported by Bleeping Computer, a new Chrome browser botnet named ‘Cloud9’ is also capable of logging keystrokes, as well as distributing ads and malicious code.

The browser botnet operates as a remote access trojan (RAT) for Chromium-based web browsers, which include both Chrome and Microsoft Edge. As such, it’s not just login credentials that can be accessed; hackers can also launch distributed denial of service (DDoS) attacks.

The Chrome extension in question is naturally not accessible via Google’s official Chrome web store, so you may be wondering how victims are being targeted. Websites that exist to spread infections via bogus Adobe Flash Player update notifications are being used instead.

Security researchers at Zimperium have confirmed that Cloud9 infections have been detected in multiple regions around the world.

The foundation of Cloud9 is three central JavaScript files that can collect information about the target system and mine cryptocurrency on that same PC, in addition to injecting scripts in order to launch browser exploits.

Multiple vulnerabilities are being exploited, Zimperium notes, including CVE-2019-11708 and CVE-2019-9810 in Firefox, CVE-2014-6332 and CVE-2016-0189 for Internet Explorer, and CVE-2016-7200 for Microsoft Edge.

Although the vulnerabilities are commonly used to install Windows malware, the Cloud9 extension can steal cookies from a browser, allowing hackers to take over valid user sessions.

Furthermore, the malware comes with a keylogger, software that can essentially send all your key presses to the attackers. A “clipper” module was also discovered in the extension, which gives the attackers access to passwords or credit card details copied on the PC.

“Layer 7 attacks are usually very hard to detect because the TCP connection looks very similar to legitimate requests,” Zimperium stated. “The developer is likely using this botnet to provide a service to perform DDOS.”

Another way the threat actors behind Cloud9 generate even more illicit income is by injecting advertisements and then loading these webpages in the background to accrue ad impressions.

With Cloud9 being spotted on cybercrime forums, the operators could be selling its malicious extension to interested parties. With this in mind, always double-check if you’re installing anything on your browser from an unofficial source and enable two-factor authentication where possible.
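One way to run that double-check on a machine, as an added example that is not from the article or from Zimperium: it lists extensions that were not installed from the Chrome Web Store and ranks them by the grants that match the capabilities described above. It assumes the Chromium profile's `Preferences` JSON keeps extension records under `extensions.settings` with `from_webstore` and `manifest` fields; the sample data, the IDs and the `REVIEW_FIRST` list are constructed for illustration.

```python
import json

# Constructed sample in the shape of a Chromium profile "Preferences" file
# (extensions.settings.<id>); IDs, names and values are made up for this example.
SAMPLE_PREFS = json.dumps({"extensions": {"settings": {
    "a" * 32: {"from_webstore": True,
               "manifest": {"name": "Store-installed blocker",
                            "permissions": ["storage", "webRequest"]}},
    "b" * 32: {"from_webstore": False,
               "manifest": {"name": "Flash Player update (constructed)",
                            "permissions": ["cookies", "clipboardRead", "<all_urls>"]}},
    "c" * 32: {"from_webstore": False,
               "manifest": {"name": "In-house notes",
                            "permissions": ["storage"],
                            "host_permissions": ["https://intranet.example/*"]}},
}}})

# Grants that line up with the capabilities described in the article:
# session-cookie theft, clipboard access, script injection on every site.
# This selection is an assumption of the example, not a list from the report.
REVIEW_FIRST = {"cookies", "clipboardRead", "<all_urls>", "*://*/*",
                "http://*/*", "https://*/*"}

def audit_extensions(prefs_text):
    """Return extensions not installed from the Web Store, riskiest first."""
    settings = json.loads(prefs_text).get("extensions", {}).get("settings", {})
    findings = []
    for ext_id, entry in settings.items():
        if entry.get("from_webstore", False):
            continue  # store installs are out of scope for this check
        manifest = entry.get("manifest") or {}
        # Collect both Manifest V2 permissions and Manifest V3 host_permissions.
        granted = [p for key in ("permissions", "host_permissions")
                   for p in manifest.get(key, []) if isinstance(p, str)]
        findings.append({
            "id": ext_id,
            "name": manifest.get("name", "<no manifest stored>"),
            "review_first": sorted(set(granted) & REVIEW_FIRST),
        })
    # Most matching grants first; ties broken by extension ID for stable output.
    findings.sort(key=lambda f: (-len(f["review_first"]), f["id"]))
    return findings

if __name__ == "__main__":
    for f in audit_extensions(SAMPLE_PREFS):
        print(f["id"], f["name"], f["review_first"])
```

To audit a real profile, pass the text of its `Preferences` file to `audit_extensions` instead of `SAMPLE_PREFS`.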

Zak Islam
Former Contributor