Researchers Uncover New Variants of the ChromeLoader Browser Hijacking Malware


ChromeLoader was discovered in January 2022 and has been disseminated as ISO or DMG file downloads promoted using QR codes on Twitter and free gaming websites. Its main uses are to hijack victims’ browser searches and display adverts.

The larger cybersecurity community has also referred to ChromeLoader as ChromeBack and Choziosi Loader in code. The fact that the adware is designed as a browser extension rather than a Windows executable (.exe) or Dynamic Link Library (.dll) distinguishes it from other malware.

Read More…