Chrome users be aware, your credit card info is in danger

Emoted, the sneaky banking trojan

The Emotet banking Trojan was first identified by security researchers in 2014. Emotet was originally designed as a banking malware that attempted to sneak onto computers and steal sensitive and private information. Later versions of the software saw the addition of spamming and malware delivery services.

The malware also has the functionality to spread to other computers using a combined set of anti-virus evasion techniques and worm alike capabilities. The spread happens primarily via spam and phishing emails. It infects computers when the user opens malicious documents, clicks malicious links of executes malicious scripts.

The new variant

Lately, a new variant of this malware has been seen which specifically targets Google Chrome users to exfiltrate collected credit card information to criminal organisations. These organisations pay a lot of money to obtain this information, which they use to further exploit the victims.

As of April 2022, Emotet is still the most popular malware with a global impact of 6% of all organisations world wide.

Credential data is stored in cleartext format in Google Chrome’s memory

– CyberArk’s Zeev Ben Porat

What can you do?

The best advice we can give you is update, update, update! Updates are brought to you by the software companies not only to bring you new features, but mostly to patch flaws in their security. Don’t take it the wrong way, updates don’t mean that the applications were unsafe the whole time you were using them.

As hackers are working around the clock to find security holes in everything they can think of, so are the software companies, providing patches for every new vulnerability.

If you still don’t trust Chrome anymore, there are a lot of more secure alternatives you can use with enhanced security and privacy mechanisms in place like Opera, Edge, Firefox,… Feel free to do your own research!

Sources:

• Malwarebytes
• Thehackernews.com