A new bit of malicious malware is making the rounds, so far limited to Central and South American countries, when victims want to view a video.

Eset research teams detected an increasing number of JS/Chromex.Submelius threats. If the victim clicks to play the video, they get redirected to a new window which pops up demanding that they download a Chrome extension. The window will not stop popping up until the victim relents and installs the extension.

The extension then gives the hacker permission to read and change all the victims data on sites they visit which allows the hacker to inject malware into each site.

This produces an endless loop.

“Then, while the user is browsing the internet, they will suddenly see new windows opening up with information about their system, taking them to other websites containing downloads of malicious code, advertising, or other kinds of content. This becomes an endless loop, which ultimately will benefit whoever is behind the fraudulent extension,” ESET wrote.

Fortunately the cure is simply to find the extension and delete it.

Source: SCMagazine