Threat Advisories

New Chromeloader Shampoo Campaign Infecting Chrome and Stealing Data

June 22, 2023

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

The current ChromeLoader Shampoo campaign, where users unknowingly download and execute VBScript files from malicious websites. These files trigger a series of PowerShell scripts, leading to the installation of a malicious Chrome extension that redirects searches, injects ads, and collects sensitive information.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

State-Sponsored Hackers Target Middle Eastern and African Governments

Condi Malware Strikes TP-Link Routers for DDoS Rampage