Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency.
Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that cleverly bypasses Windows cybersecurity protections called User Account Control (UAC).
Researchers from Rapid7 recently identified the campaign and warn the goal of the attackers is to extricate sensitive data and steal cryptocurrency from the targeted infected PC.
Andrew Iwamaye, Rapid7 research analyst, said that the malware maintains persistence on PC “by abusing a Windows environment variable and a native scheduled task to ensure it persistently executes with elevated privileges.”
Iwamaye wrote in a blog post published Thursday, the attack chain is initiated when a Chrome browser user visits a malicious website and a “browser ad service” prompts the user to take an action. Inquiries as to what the researcher is identifying as a “browser ad service” have not been returned as of this writing.
Attack Target: Credentials & Cryptocurrency
The ultimate goal of the attackers is using the info-stealer malware to nab data such as browser credentials and cryptocurrency.