The FBI has issued an urgent warning to three billion Google Chrome users over a new dangerous hacking scam.
It’s no secret that surfing the web and even using our phones can put us in danger of hackers.
From dodgy fake WiFi networks to scamming apps, intruders are constantly trying to find new ways to manipulate technology to gain our data and personal information.
Now, the federal agency is warning cybercriminals have created yet another method, this time by making new websites on Google to convert one type of file into another, like a .doc file to a .pdf file, or for MP3 or MP4 files, which are instead warped with malicious code.
Once the sham files are downloaded, cybercriminals are reportedly gaining access to users’ stored information, like social security numbers, passwords and banking.
Some three billion users could be at risk (Getty Images)
Vikki Migoya, public affairs specialist for FBI Denver, said: “Unfortunately, many victims don’t realize they have been infected by malware until it’s too late, and their computer is infected with ransomware or their identity has been stolen,” reports The Daily Mail.
Migoya added: “The scammers try to mimic URLs that are legit – so changing just one letter, or ‘INC’ instead of ‘CO.’
“Users who in the past would type ‘free online file converter’ into a search engine are vulnerable, as the algorithms used for results now often include paid results, which might be scams.”
The FBI is now advising people who use the internet browser Chrome not to download file converters from unfamiliar websites.
If you do download one and realize you are a victim of the scam, the agency says to contact your bank or financial institution ‘immediately,’ report the incident to IC3.gov. and get your device checked out.
Hackers are constantly coming up with new ways (Getty Images)
It added: “Run up-to-date virus scan software to check for potentially malicious software installed by the scammers.”
“Consider taking your computer to a professional company specializing in virus and malware removal services.”
The news comes as millions of Google Chrome users were also warned about 16 different types of browser extensions that had been comprised by hackers.
The list of extensions being impacted include Blipshot, Emojis, Color Changer for YouTube, Video Effects for YouTube and Audio Enhancer, Themes for Chrome and YouTube Picture in Picture and Mike Adblock for Chrome, Super Dark Mode and Emoji Keyboard Emojis for Chrome.
Adblock for Chrome, Nimble Capture, KProxy and Page Refresh, Wistia Video Downloader, Adblocker for Chrome and Adblock for You are also said to be influenced by hackers.
GitLab Threat Intelligence, which discovered the dodgy scheme, stated on its website: “We identified a cluster of at least 16 malicious Chrome extensions used to inject code into browsers to facilitate advertising and search engine optimization fraud.
“The extensions span diverse functionality including screen capture, ad blocking and emoji keyboards and impact at least 3.2 million users.
“The threat actor uses a complex multistage attack to degrade the security of users’ browsers and then inject content, traversing browser security boundaries and hiding malicious code outside of extensions. We have only been able to partly reproduce the threat actor’s attack chain.”
While Google confirmed to UNILAD that the ‘extensions are removed from the Chrome Webs store,’ the tech pros said people who have downloaded them already will need to manually delete them from their devices.
