成人国产在线免播放器最近|久久免费视频2000|日韩精品亚洲精品中文字幕乱伦AV|五月丁香乱伦图一本AV不卡1区

Researchers with cybersecurity firm Trend Micro have uncovered a malicious extension in Google’s Chrome web browser that uses a multitude of methods to steal and mine cryptocurrency from infected users.

網(wǎng)絡(luò)安全公司趨勢科技(Trend Micro)的研究人員在谷歌Chrome瀏覽器中發(fā)現(xiàn)了一個(gè)惡意擴(kuò)展程序，它使用多種方法從受感染的用戶那里竊取和挖掘加密貨幣。

The malware, which Trend Micro calls “FacexWorm”, makes its way onto a victim’s browser via social engineering tactics conducted through Facebook Messenger. A target would receive a link leading to a fake YouTube page that would prompt the user to install an extension in order to play the video. Once the extension is installed, it’s programmed to hijack users’ Facebook accounts and spread the link throughout their friends list.
趨勢科技稱為“FacexWorm”的惡意軟件通過Facebook Messenger進(jìn)行的社交工程策略侵入受害者的瀏覽器。一個(gè)目標(biāo)會(huì)收到一個(gè)鏈接，彈出一個(gè)虛假的YouTube頁面，提示用戶安裝擴(kuò)展程序以播放視頻。一旦安裝了擴(kuò)展程序，它就會(huì)被編程為劫持用戶的Facebook賬號并將其鏈接傳播到他們的朋友列表中。

FacexWorm appears to be a Swiss Army knife of cryptocurrency-oriented malware. According to Trend Micro, the malicious extension has various capabilities:
FacexWorm似乎是面向加密貨幣惡意軟件的“瑞士軍刀”，包含多種可能性。據(jù)趨勢科技稱，惡意擴(kuò)展具有各種功能：

If an infected user tries logs into Google, MyMonero or Coinhive, FacexWorm will intercept the credentials.

如果受感染用戶嘗試登錄谷歌，MyMonero或Coinhive，F(xiàn)acexWorm將攔截憑證。

When a victim tries to go to a specified set of cryptocurrency trading platforms, they get redirected to a scam site that requests a small amount of Ether, ostensibly for verification purposes.
當(dāng)受害者試圖訪問一組指定的加密貨幣交易平臺(tái)時(shí)，他們會(huì)被重定向到一個(gè)要求少量Ether的騙局網(wǎng)站，表面上用于驗(yàn)證目的。

If FacexWorm detects that a user is on a cryptocurrency transaction page, the extension replaces the wallet address entered by the user with another one from the attacker. Trend Micro says currencies targeted include bitcoin, Bitcoin Gold, Bitcoin Cash, Dash, Ethereum, Ethereum Classic, Ripple, Litecoin, Zcash and Monero.
如果FacexWorm檢測到用戶處于加密貨幣交易頁面，則擴(kuò)展程序?qū)⒂脩糨斎氲腻X包地址替換為攻擊者的另一個(gè)地址。趨勢科技表示，目標(biāo)貨幣包括比特幣、比特幣黃金、比特幣現(xiàn)金、Dash，以太幣，Ethereum Classic、瑞波幣，萊特幣，Zcash和Monero。

Trying to go to certain websites will redirect a victim to a referral link that rewards the attacker.
試圖訪問某些網(wǎng)站會(huì)將受害者重定向到獎(jiǎng)勵(lì)攻擊者的推薦鏈接。

And, of course, FacexWorm has a cryptojacking component, using the victim’s processor to mine for cryptocurrency.
當(dāng)然，F(xiàn)acexWorm還有一個(gè)加密組件，使用受害者的處理器來挖掘加密貨幣。

If an affected user appears to be trying to remove the malicious plugin, it has ways of stopping them, Trend Micro says. If a user tries opening Chrome’s extension management page, the malware will simply close the tab.
趨勢科技稱，如果受影響的用戶似乎試圖刪除惡意插件，還可以阻止它們。如果用戶嘗試打開Chrome的擴(kuò)展管理頁面，惡意軟件將簡單關(guān)閉該選項(xiàng)卡。

Trend Micro says it’s only discovered one instance in which FacexWorm compromised a bitcoin transaction, according to the attacker’s digital wallet address, but that that there’s no way to tell for sure how much the attackers have actually profited.
根據(jù)攻擊者的數(shù)字錢包地址，只有FacexWorm發(fā)現(xiàn)了一個(gè)比特幣交易被入侵的例子，但是沒有辦法確定攻擊者實(shí)際獲利的多少。

The attacker is persistently trying to upload more FacexWorm-infected extensions to the Chrome Web Store, the researchers say, but Google is proactively removing them. Trend Micro says Facebook, with which it has a partnership, has automated measures that detect the bad links and block their spread.
研究人員說，攻擊者一直在試圖將更多受FacexWorm感染的擴(kuò)展程序上傳到Chrome網(wǎng)上應(yīng)用店，但Google正在主動(dòng)將其刪除。趨勢科技稱Facebook與其建立了合作伙伴關(guān)系，它采用自動(dòng)化措施來檢測不良鏈接并阻止其傳播。