Key Highlights:
ChromeLoader Shampoo Malware Campaign Targets Pirated Content Users
Users who watch pirated content such as movies, web series, TV shows, and video games online are in danger of being infected with the ChromeLoader Shampoo malware. Hackers deceive Chrome users into downloading the fraudulent extension, which then redirects search queries to malicious websites, allowing criminals to engage in fraudulent advertising campaigns.
Challenging to Remove Malware
Getting rid of ChromeLoader Shampoo malware is more complex than uninstalling an extension. The malware employs looping scripts and a scheduled task in Windows to reinstall the extension automatically whenever the victim attempts to remove it or restart their device. Users must follow specific steps to disable the malware.
How to Check If Your Device is Infected
Chrome users can identify if Shampoo or any ChromeLoader is on their device by checking if Chrome runs with the “–load-extension” argument. ChromeLoader relies on this argument to load the extension into a Chrome session.
