New Rilide Malware Strikes Chromium-Based Browsers to Steal Cryptocurrency


Researchers have discovered new malware that impersonates legitimate Google Drive extensions to inject malicious scripts and steal cryptocurrency. The new Rilide malware targets Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera.

New Rilide Malware

“The Rilide malware masquerades as a legitimate Google Drive extension and allows threat actors to perform a wide range of malicious activities, including tracking browsing history, taking screenshots, and injecting malicious scripts to withdraw money from various cryptocurrency exchanges,” Trustwave SpiderLabs Research said in a report shared with The Hacker News.

Using forged dialogs, the malware lures unsuspecting users into disclosing their two-factor authentication (2FA) codes. The next step is to steal their cryptocurrencies.

This leaked code can swap cryptocurrency wallet addresses in the clipboard with the attacker’s address. Moreover, the C2 address embedded in the Rilide code can be used to identify GitHub repositories belonging to a user named gulantin, which contain the extension’s loader.

When it comes to protecting yourself from malicious browser extensions, the best antivirus software can help prevent you from becoming infected with malware or having your data stolen. Likewise, the best identity theft protection services can help you regain lost funds stolen by hackers and restore your identity if it’s stolen.
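For defenders who want to check installed extensions directly, the following is an added example (not code from Trustwave or from the malware) that audits a parsed extension `manifest.json` for the pattern described above: a name claiming to be Google Drive, no Chrome Web Store update URL, and permissions covering history, tabs, script injection and the clipboard. The permission list, finding codes and both sample manifests are assumptions constructed for illustration.

```python
import json

WEBSTORE_UPDATE = "https://clients2.google.com/service/update2/crx"
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Assumed mapping: permissions that enable the behaviours the article lists
# (history tracking, tab access, script injection, clipboard swapping).
RISKY = {"history", "tabs", "scripting", "clipboardRead", "clipboardWrite"}


def audit_manifest(manifest, claimed="google drive"):
    """Return sorted finding codes for one parsed manifest.json (MV2 or MV3)."""
    findings = set()
    name = str(manifest.get("name", ""))
    if name.startswith("__MSG_"):
        # Localized name: the real string lives in _locales/<lang>/messages.json.
        findings.add("name:localized-unresolved")
    elif claimed in name.lower() and manifest.get("update_url") != WEBSTORE_UPDATE:
        findings.add("masquerade:not-from-web-store")
    # MV2 mixes host patterns into "permissions"; MV3 uses "host_permissions".
    declared = [p for key in ("permissions", "host_permissions")
                for p in manifest.get(key, []) if isinstance(p, str)]
    for script in manifest.get("content_scripts", []):
        declared.extend(script.get("matches", []))
    findings.update("perm:" + p for p in declared if p in RISKY)
    if BROAD_HOSTS.intersection(declared):
        findings.add("hosts:all-sites")
    return sorted(findings)


def is_suspect(manifest):
    """True when a brand-claiming extension also holds a risky capability."""
    found = audit_manifest(manifest)
    return "masquerade:not-from-web-store" in found and len(found) > 1


# Constructed sample manifests (not taken from any real extension).
FAKE = json.loads("""{
  "manifest_version": 3, "name": "Google Drive", "version": "1.0",
  "permissions": ["history", "tabs", "scripting", "clipboardRead", "clipboardWrite"],
  "host_permissions": ["<all_urls>"]
}""")
BENIGN = json.loads("""{
  "manifest_version": 3, "name": "Google Drive Helper", "version": "3.0",
  "update_url": "https://clients2.google.com/service/update2/crx",
  "permissions": ["contextMenus", "storage"]
}""")

if __name__ == "__main__":
    print(audit_manifest(FAKE), is_suspect(FAKE))
```

A missing Web Store update URL is a heuristic, not proof: developer builds and enterprise-deployed extensions also lack it, so treat a hit as a prompt to inspect the extension.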

About the Author:

FirstHackersNews- Identifies Security
