Google Chrome Users Beware – New Hack is Dangerous to PC
A new virus hack has become active on the internet and causing serious problems to Google Chrome Users on their PCs. The virus is malicious enough to steal login credentials from the User's PC using your web browser history, reports FOXNews.
What can go worse is the fact that stolen login credentials can be further tracked down and changed without the actual user's consent. This means that the hacker can impersonate himself as the actual user and gain from his or her resources. Instance, there's a possibility that the hacker finds out your bank account details and make newer transactions without your consent.
How does this happen? - First, the attacker can persuade you online and make you click on a malicious link, which automatically downloads a Windows Explorer Shell Command File or SCF File, reports Express.
What's the SCF File? - Shell Command File is a default configuration file and automatically activates on the Chrome browser. Since it does not prompt the user for a download, it is tricky to avoid the virus hack.
Once the.SCF is downloaded, it stays in the basic downloads folder of your computer. When the actual user opens the download folder, the.SCF file is automatically launched.
What happens after the.SCF file is launched? - The harmful file attempts to retrieve potential data from the actual user's computer and send it across to the illegal database created by the attacker.
The process happens because the file is linked with the Windows icon on the attacker's database. Hence, the attack is relatively simple to execute.
This terrifying new vulnerability was disclosed by security engineer Bosko Stankovic. Stankovic shared the Google Chrome glitch on security blog DefenseCode, where he mentioned that the tech team at Google are unaware of a dangerous virus hack running on Windows 10.
DefenseCode didn't inform Google about the vulnerability following the publication of the blog. Later, Google confirmed the presence of.SCF file and reported that measures are being taken against it.
This piece of cyber threat goes as an important warning for all the organizations that allow remote access to services such as Microsoft Exchange (Outlook Anywhere) and use NTLM as an authentication method because they are most likely prone to a virus attack.