Researchers spot scammers using fake browser plug-ins

Researchers spot scammers using fake browser plug-ins

Summary: Security researchers from Symantec, have spotted a fake browser plugin-in currently circulating in the wild.

SHARE:
TOPICS: Browser
6

Security researchers from Symantec, have spotted a fake browser plugin-in currently circulating in the wild.

How the infection takes place:

The scenario is very simple: the victim is lured into watching some video; but instead of asking the victim to share/like the video, (which we have seen in many scams) the scammers present the victim with a fake plug-in download image, which is required to see the video.

Once the end users are tricked into installing the fake YouTube themed browser extension, their User-Agent info is retrieved and accordingly, the fake plug-in is downloaded. For the time being, only Mozilla Firefox and Google Chrome plug-ins are being used.

The scam is currently circulating, using the [Video] Leakead video of Selena Gomez and Justin Beiber [NEW HOT!!] theme.

This isn't the first time that scammers are relying on fake browser plugins and extensions as a propagation vehicle for their scams. In December 2011, researchers from WebSense have detected a malicious campaign where the scammers were successfully hijacking Facebook accounts using bogus browser extensions.

Facebook users are advised to be extra vigilant when interacting with content shared on the most popular social networking site.

Topic: Browser

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • RE: Researchers spot scammers using fake browser plug-ins

    this is over 5 years old......... get with the times.
    ShqTth
    • RE: Researchers spot scammers using fake browser plug-ins

      @ShqTth

      Actually, this specific news broke on Jan 17, 2012.
      TechNickle
    • RE: Researchers spot scammers using fake browser plug-ins

      @ShqTth

      I agree, 5 year-old social engineering technique first used by koobface.
      Martmarty
  • RE: Researchers spot scammers using fake browser plug-ins

    I'm pretty sure, while THIS specific case may be a new thing, that this type of scamming has been going on for years. I know I have seen them. Isn't this the sort of thing that led to the eventual talk of prohibiting people from using fake info to post ANYTHING on the web? I heard they were even going to take away the ability to use pseudonyms....for SHAME!!!
    James Keenan
  • what browser? what os? zero information

    what browser? what os? zero information
    miramardesign
    • RE: Researchers spot scammers using fake browser plug-ins

      @miramardesign - i think the bottom line is that if you get a message to download and install a plug in, because you don't have it/one, then think twice about doing so, as it can be the scam's the article is informing us.

      personally, if i need a plug in I will search for it myself, instead of clicking on the warning message and having me download the plugin from an unknown site.
      databaseben