Desbloquear Conteúdo Chrome Extension
The Desbloquear Conteúdo Chrome Extension is a Web browser extension for Google Chrome that appeared on the Chrome Web store. The Desbloquear Conteúdo Chrome Extension was available for a while and may have reached some computer users, although unwanted extensions like these don't make it past Google's automatic defenses. The Desbloquear Conteúdo Chrome Extension was removed after PC security analysts reported it. The Desbloquear Conteúdo Chrome Extension is designed to target computer users located in Brazil that carry out online banking operations on targeted financial institutions.
Table of Contents
What is the Danger Presented by the Desbloquear Conteúdo Chrome Extension
The name of the Desbloquear Conteúdo Chrome Extension translates from Portuguese as 'Unblock Content' and is supposedly designed to help improve the computer users' online experience. In fact, the Desbloquear Conteúdo Chrome Extension is designed to collect online credentials and log in and password information from the victims. The Desbloquear Conteúdo Chrome Extension was installed by almost 1400 computer users, which may have compromised their online accounts information. Computer users with updated security software may have been protected from the Desbloquear Conteúdo Chrome Extension, and this add-on may have been prevented from being installed automatically.
The Targets of the Desbloquear Conteúdo Chrome Extension
The Desbloquear Conteúdo Chrome Extension was used for fraudulent activities, allowing criminals to collect the victim's online credentials when the victims attempted to access their online banking services. The Desbloquear Conteúdo Chrome Extension targets specific banks located in Brazil. The Desbloquear Conteúdo Chrome Extension can collect the victim's credentials and send them in real time to its controllers by using WebSocket data exchange protocol to connect with its Command and Control servers. The Desbloquear Conteúdo Chrome Extension attack is carried out via two JS files. These JavaScript files are named 'fundo.js' and 'pages.js.' The first of these files downloads the Desbloquear Conteúdo Chrome Extension's files and a list of its commands, as well as setting the stage for the Desbloquear Conteúdo Chrome Extension to be able to carry out its attack without interference from the victim. The Desbloquear Conteúdo Chrome Extension also will change various settings in the affected computer's configuration to redirect victims to unsafe servers. When the victims use the affected Web browser to access the Web page of one of the banks targeted in these attacks, this redirect is executed, and the victim is redirected to a fake version of the page, which can be used to collect the victim's credentials. The second script, pages.js, will retrieve scripts from a remote server and inject them into Google Chrome to record the victim's passwords and carry out the Desbloquear Conteúdo Chrome Extension tactic.
Preventing Unsafe Content Like the Desbloquear Conteúdo Chrome Extension
The functionality of the Desbloquear Conteúdo Chrome Extension is not complicated. However, the fact that the Desbloquear Conteúdo Chrome Extension was available for a short while on the Google Chrome Web Store is one of the main reasons why the Desbloquear Conteúdo Chrome Extension was effective in reaching so many victims. The Desbloquear Conteúdo Chrome Extension is relatively simple, displaying fake versions of the victim's banks and tricking the victims into inputting their passwords into what is essentially an online form that delivers them to the Desbloquear Conteúdo Chrome Extension's Command and Control servers. Cautious computer users may have noted that the Desbloquear Conteúdo Chrome Extension's page on the Google Chrome Web Store contains no credible user reviews and no screenshots or other media content. Companion extensions, especially when dealing with online banking, are considered potentially unsafe and should be avoided by computer users. If you suspect that the Desbloquear Conteúdo Chrome Extension has compromised your bank account, malware researchers strongly advise computer users to safeguard their online bank accounts and ensure that no funds have been transferred or collected by the criminals responsible for the creation and distribution of the Desbloquear Conteúdo Chrome Extension.
