英語閱讀 學英語,練聽力,上聽力課堂! 注冊 登錄
> 輕松閱讀 > 雙語閱讀 >  內(nèi)容

谷歌瀏覽器被曝含惡意插件

所屬教程:雙語閱讀

瀏覽:

2018年05月15日

手機版
掃描二維碼方便學習和分享
Researchers with cybersecurity firm Trend Microhave uncovered a malicious extension inGoogle's Chrome web browser that uses a multitudeof methods to steal and mine cryptocurrency frominfected users.

近日,網(wǎng)絡安全公司趨勢科技的研究人員在谷歌Chrome瀏覽器中發(fā)現(xiàn)了一個惡意擴展程序,它會使用多種方法從受感染的用戶那里竊取和挖掘加密貨幣。

The malware, which Trend Micro calls "FacexWorm", makes its way onto a victim's browser via socialengineering tactics conducted through FacebookMessenger.

趨勢科技將該惡意軟件稱為“FacexWorm”,它是通過Facebook Messenger進行的社交工程策略侵入受害者的瀏覽器。

A target would receive a link leading to a fake YouTube page that would prompt the user toinstall an extension in order to play the video. Once the extension is installed, it'sprogrammed to hijack users' Facebook accounts and spread the link throughout their friendslist.

一個目標會收到一個鏈接,彈出一個虛假的YouTube頁面,提示用戶安裝擴展程序以播放視頻。一旦安裝了擴展程序,它就會被編程為劫持用戶的Facebook賬號并將其鏈接傳播到他們的朋友列表中。

FacexWorm appears to be a Swiss Army knife of cryptocurrency-oriented malware. According toTrend Micro, the malicious extension has various capabilities:

FacexWorm似乎是面向加密貨幣惡意軟件的“瑞士軍刀”。據(jù)趨勢科技稱,惡意擴展具有各種功能:

If an infected user tries logs into Google, MyMonero or Coinhive, FacexWorm will intercept thecredentials.

如果受感染用戶嘗試登錄谷歌、MyMonero或Coinhive,F(xiàn)acexWorm將攔截憑證。

When a victim tries to go to a specified set of cryptocurrency trading platforms, they getredirected to a scam site that requests a small amount of Ether, ostensibly for verificationpurposes.

當受害者試圖訪問一組指定的加密貨幣交易平臺時,他們會被重定向到一個要求少量Ether的騙局網(wǎng)站,表面上用于驗證目的。

If FacexWorm detects that a user is on a cryptocurrency transaction page, the extensionreplaces the wallet address entered by the user with another one from the attacker.

如果FacexWorm檢測到用戶處于加密貨幣交易頁面,則擴展程序?qū)⒂脩糨斎氲腻X包地址替換為攻擊者的另一個地址。

Trend Micro says currencies targeted include bitcoin, Bitcoin Gold, Bitcoin Cash, Dash, Ethereum, Ethereum Classic, Ripple, Litecoin, Zcash and Monero.

趨勢科技表示,目標貨幣包括比特幣、比特幣黃金、比特幣現(xiàn)金、Dash、以太幣、Ethereum Classic、瑞波幣、萊特幣、Zcash和Monero。

谷歌瀏覽器被曝含惡意插件 會盜取用戶虛擬貨幣?

Trying to go to certain websites will redirect a victim to a referral link that rewards theattacker.

試圖訪問某些網(wǎng)站會將受害者重定向到獎勵攻擊者的推薦鏈接。

And, of course, FacexWorm has a cryptojacking component, using the victim's processor tomine for cryptocurrency.

當然,F(xiàn)acexWorm還有一個加密組件,使用受害者的處理器來挖掘加密貨幣。

If an affected user appears to be trying to remove the malicious plugin, it has ways ofstopping them, Trend Micro says. If a user tries opening Chrome's extension managementpage, the malware will simply close the tab.

趨勢科技稱,如果受影響的用戶似乎試圖刪除惡意插件,它還有方式進行阻止。如果用戶嘗試打開Chrome的擴展管理頁面,惡意軟件將簡單關(guān)閉該選項卡。

FacexWorm reportedly first surfaced last year. But it appears to be adware-oriented in its firstiteration and hasn't been very active until Trend Micro noticed it last month.

據(jù)報道,F(xiàn)acexWorm去年首次出現(xiàn)。但它在第一次迭代中似乎是面向廣告軟件的,并且在趨勢科技上個月發(fā)現(xiàn)它之前一直非?;钴S。

Trend Micro says it's only discovered one instance in which FacexWorm compromised a bitcointransaction, according to the attacker's digital wallet address, but that that there's no wayto tell for sure how much the attackers have actually profited.

根據(jù)攻擊者的數(shù)字錢包地址,只有FacexWorm發(fā)現(xiàn)了一個比特幣交易被入侵的例子,但是沒有辦法確定攻擊者實際獲利的多少。

The attacker is persistently trying to upload more FacexWorm-infected extensions to theChrome Web Store, the researchers say, but Google is proactively removing them.

研究人員說,攻擊者一直在試圖將更多受FacexWorm感染的擴展程序上傳到Chrome網(wǎng)上應用店,但Google正在主動將其刪除。

Trend Micro says Facebook, with which it has a partnership, has automated measures thatdetect the bad links and block their spread.

趨勢科技稱Facebook與其建立了合作伙伴關(guān)系,已經(jīng)采用自動化措施來檢測不良鏈接并阻止其傳播。
 


用戶搜索

瘋狂英語 英語語法 新概念英語 走遍美國 四級聽力 英語音標 英語入門 發(fā)音 美語 四級 新東方 七年級 賴世雄 zero是什么意思天津市中天城市風景英語學習交流群

網(wǎng)站推薦

英語翻譯英語應急口語8000句聽歌學英語英語學習方法

  • 頻道推薦
  • |
  • 全站推薦
  • 推薦下載
  • 網(wǎng)站推薦