Google Chrome users looking to download pirated software at risk of new malware infection

The malware activates once users download and run the "install" program in the ISO file. ST PHOTO: BENJAMIN SEETOR
Dominic Low
Updated
Sep 23, 2022, 05:41 AM
Published
Sep 22, 2022, 02:53 PM

SINGAPORE - Internet users, especially those on Google's Chrome browser, should think twice before illegally downloading video games and other software.

Software researchers have warned about ChromeLoader, a malware that masquerades as pirated digital files and allows hackers to steal data or install ransomware on infected computers.

"This malware has been observed to be distributed using malicious ISO and DMG files through advertisements, browser redirects and YouTube video comments," said the Singapore Computer Emergency Response Team (SingCert) of the Cyber Security Agency of Singapore, which sounded the alert on Wednesday.

An ISO file is a digital copy of content originally found on a DVD or CD. It is often used as a back-up for the contents in the disc.

The file can be accessed with the right software on a device running on the Windows operating system, as though it was reading from a DVD or CD.

A DMG file is the ISO counterpart for Apple devices.

Most pirated versions of software or video games available online tend to be in the ISO or DMG format.

According to a report published on Monday by security firm VMware Carbon Black, cyber criminals typically distribute ChromeLoader via an ISO file impersonating pirated software on social media platforms, torrents and pirate websites. The malware might even be bundled with actual pirated software.

The malware activates once users download and run the "install" program in the ISO file.

VMware also noted instances of ChromeLoader imitating legitimate programs such as OpenSubtitles - which helps users find subtitles for popular movies and TV shows - and online music player FLB Music.

In such cases, the malware is triggered when users attempt to install the downloaded program.

VMware said the impact of malware infection varies.

Some ChromeLoader variants cause the device to download and install a Chrome extension, which modifies the browser's settings to show search results of unwanted advertising websites.

Others release programs that steal information from infected devices, install ransomware, or even crash systems by overloading them with data.

    More On This Topic
    Users of Google's Chrome browser advised to install security update immediately
    Google will introduce a new system for tracking Chrome browser users for online ads

    In its statement on Wednesday, SingCert advised Chrome users to:

    • Download games and software from legitimate websites.
    • Review all browser extensions installed. To check the tools installed, click the three dots in the top right corner of the browser window to access "More Tools" and then click on "Extensions".
    • Reset browser settings and implement additional clean-up methods to remove unwanted ads, pop-ups and malware.
    • Ensure that security software is up to date and performs regular scans to detect such malware.
    • Actively review developer information and extension permissions before installing a new extension to the Chrome browser.
    More On This Topic
    Apple users urged to install patch immediately to fix critical security flaw
    137 S'pore firms fell prey to ransomware attacks in 2021: CSA

    Join ST's Telegram channel and get the latest breaking news delivered to you.

    Available for
    iPhones and iPads
    Available in
    Google Play

    MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

    Back to the top