Bank-fraud malware not detected by any AV hosted in Chrome Web Store. Twice
A researcher has uncovered an elaborate bank-fraud scam that’s using a malicious extension in Google’s Chrome Web Store to steal targets’ passwords.
Google officials removed the extension on Tuesday, after Renato Marinho, who is the Chief Research Officer of Morphus Labs and a volunteer at the SANS Institute, reported it was part of a scam hitting Brazilian bank customers. It had been available since July 31 and was downloaded 30 times. On Wednesday, the same extension reappeared, and showed it had already received 23 downloads. It remained available for download here as this post was going live, although Marinho said he reported the reposted app to Google.