In a new post today on BitDefender's Malware City blog, the company warns Google Chrome users of malware-laced emails. Attackers are reportedly sending unsolicited messages informing users of a new Chrome extension that helps "better organize your documents" received via email. A seemingly innocent link is provided, and once clicked, users are redirected to a clone of the Google Chrome Extensions page.
At the fake site, folks are instructed to download the "extension," which is actually malware. The blog post notes that some experienced users would undoubtedly notice the rogue application because of its improper file type. Rather than end in .crx, the software suspiciously uses the .exe file extension. To be fair, most seasoned Web-goers probably wouldn't have followed the link to begin with.
BitDefender identifies the threat as Trojan.Agent.20577 and says it modifies the Windows HOSTS file, effectively blocking access to Yahoo and Google. Users are then redirected to fake versions of those sites.