Google Chrome has issued a warning to users about a new malware campaign called ChromeLoader, which is being spread by websites that offer pirated content. The malware infects users with harmful Google Chrome extensions, with the latest version, ChromeLoader Shampoo, spreading through websites hosting pirated movies and video games.
ChromeLoader Shampoo Malware Campaign Targets Pirated Content Users
Users who watch pirated content such as movies, web series, TV shows, and video games online are in danger of being infected with the ChromeLoader Shampoo malware. Hackers deceive Chrome users into downloading the fraudulent extension, which then redirects search queries to malicious websites, allowing criminals to engage in fraudulent advertising campaigns.
Challenging to Remove Malware
Getting rid of ChromeLoader Shampoo malware is more complex than uninstalling an extension. The malware employs looping scripts and a scheduled task in Windows to reinstall the extension automatically whenever the victim attempts to remove it or restart their device. Users must follow specific steps to disable the malware.
How to Check If Your Device is Infected
Chrome users can identify if Shampoo or any ChromeLoader is on their device by checking if Chrome runs with the “–load-extension” argument. ChromeLoader relies on this argument to load the extension into a Chrome session.
In light of this development, Chrome users are advised to be cautious when visiting websites that offer pirated content and to take necessary precautions to protect their devices from malicious attacks. It is essential to stay informed about the latest malware campaigns and to follow the recommended steps to prevent infection.