Chrome Store hosts Facebook-highjack Flash

Google now in cat and mouse game with scammers

Malware makers have slipped a fake version of Adobe’s Flash on to its Chrome Web Store to support an Facebook scam that generates fraudulent “Likes” that are sold to companies.

Google Chrome Web Store launched in 2010 to distribute apps, games and productivity tools however malware makers and legitimate organisations have been slower to use the platform than Google’s Android Market.

For example, the Commonwealth Bank of Australia this February launched its NetBank app on Chrome store, while its Android and iPhone apps have been available since at least 2011.

Researchers from antivirus firm Kaspersky this month discovered the malicious Flash app hosted on Google’s Chrome browser store. The fake app completes the circle in a scam aimed at controlling Facebook accounts, specifically its “Like” feature.

The launchpad for the fake Flash Player is a Facebook app called “Aprenda”. If Aprenda is installed it redirects users to Chrome Web Store, encouraging them to install the fake Flash extension.

“This last one caught our attention not because it asks the user to install a malicious extension, but because the malicious extension is hosted at the official Google's Chrome Web Store. If the user clicks on ‘install application’ he will be redirected to the official store. The malicious extension presents itself as “Adobe Flash Player”, wrote Fabio Assolini.

"Be careful when using Facebook. And think twice before installing a Google Chrome extension," he adds.

Google has quickly removed the fake software but Assolini noted “the bad guys behind this malicious scheme are uploading new extensions regularly, in a cat and mouse game.”

The malware operates in much the same way as other Facebook scams, such as inviting friends to install it, however the purpose of the highjacking accounts is to generate fraudulent "Likes" which are sold for about US$27 per 1,000.

The malware appears not to have hit Australians but has spread mildly across Portugal and Brazil and to an extent the US and Europe.

About 900 people had installed the fake Flash software allowing the malware to then take over the victim’s Facebook profile, according to Assolini.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Register Today. 

Consumerisation is inevitable.. So how secure is your data?

Hear from Rob Livingstone, Michael Barnes, Steve Quane and Dave Asprey amongst others on the Evolution. Trends, Solutions and the Future of Cloud Security, limited seats register today through CSO.

Join the CSO newsletter!

Error: Please check your email address.

More about Adobe SystemsCommonwealth Bank of AustraliaFacebookGoogleKasperskyKasperskyNetBank

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place