Researchers spot scammers using fake browser plug-ins

Summary:Security researchers from Symantec, have spotted a fake browser plugin-in currently circulating in the wild.

Security researchers from Symantec, have spotted a fake browser plugin-in currently circulating in the wild.

How the infection takes place:

The scenario is very simple: the victim is lured into watching some video; but instead of asking the victim to share/like the video, (which we have seen in many scams) the scammers present the victim with a fake plug-in download image, which is required to see the video.

Once the end users are tricked into installing the fake YouTube themed browser extension, their User-Agent info is retrieved and accordingly, the fake plug-in is downloaded. For the time being, only Mozilla Firefox and Google Chrome plug-ins are being used.

The scam is currently circulating, using the [Video] Leakead video of Selena Gomez and Justin Beiber [NEW HOT!!] theme.

This isn't the first time that scammers are relying on fake browser plugins and extensions as a propagation vehicle for their scams. In December 2011, researchers from WebSense have detected a malicious campaign where the scammers were successfully hijacking Facebook accounts using bogus browser extensions.

Facebook users are advised to be extra vigilant when interacting with content shared on the most popular social networking site.

Topics: Browser

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.