Rilide Malware Enables Hackers to Bypass 2FA and Steal Crypto

A new malware strain called Rilide has been discovered that targets web browsers built on the Chromium platform. It disguises itself as a legitimate Google Drive extension to evade detection and abuses built-in Chrome features for malicious purposes. Rilide can monitor browsing history, take screenshots, and inject malicious scripts. It also uses counterfeit dialogs to trick users into disclosing their two-factor authentication information, which it then employs to steal cryptocurrencies covertly. The malware bypasses the browser's Content Security Policy feature, and the screenshots and browsing history it captures are transmitted to the attacker's command-and-control server.
- A New Weaponized Browser Extension Bypass Two-factor Authentication (GBHackers)
- Trustwave Spiderlabs Researchers Warn of New Strain of Malware That Drains Crypto Funds – Security Bitcoin News (Bitcoin News)
- Rilide malware is stealing 2FA codes and passwords — what you need to know (Tom's Guide)
- Hackers use Rilide browser extension to bypass 2FA, steal crypto (BleepingComputer)