Bredy Network Management Corporation Blogs

2 minutes reading time (430 words)

There’s Nothing “Smashing” About the Nigelthorn Malware

There’s Nothing “Smashing” About the Nigelthorn Malware

Once again, there is an example of why all users need to be careful about what they install. This time, however, users of the Google Chrome browser are the ones being specifically targeted by a particularly nasty attack known as “Nigelthorn.”

Nigelthorn’s Method of Attack
When scrolling on Facebook, a user may see what appears to be a link to a YouTube video, but is actually a fake. This fraudulent video will then inform the user that in order for it to be played, an extension from the Chrome Web Store, called “Nigelify,” has to be installed. In reality, installing the extension allows the malware into the user’s system.

In order to fool its way past the Chrome Web Store defenses, Nigelthorn’s code is implanted into an extension that has already passed the Web Store’s checks. The first extension to be infected was one called “Nigelify,” which would replace all the pictures on the page a user was viewing with images of Nigel Thornberry, a late 1990’s/early 2000’s cartoon character who has found new life as a meme.

Once Nigelthorn is installed, it can have various effects on the infected system. For instance, not only will this attack vector steal the data that is available through Facebook, it will also share itself via Facebook Messenger, or by tagging the original victim’s friends. This makes it very effective at spreading from victim to victim, as all it takes it to infect the next person in line is for them to install the infected extension as well.

Nigelthorn has also been found to use other common tools that are found in malware in order to accomplish the goal of its developer, including cryptomining and YouTube manipulation for financial gain.

Getting Rid of Nigelthorn (and Avoiding It in the First Place)
What’s worse is that once Nigelthorn has been installed, it is notoriously hard to get rid of. If you have inadvertently installed Nigelthorn, it will automatically close the extensions panel, preventing you from uninstalling it. This means that removing it will likely require you to uninstall Chrome. If you are unlucky enough to be infected, you should change your Google and Facebook credentials in case they were stolen by the malware.

As for avoiding Nigelthorn, the surest is to not click on the link. As long as the user in question knows not to click on fishy links or install additional extensions willy-nilly, using Chrome is still workably safe.

For more information about potential threats to your business’ cybersecurity, and how to stop them, keep reading out blogs, and don’t hesitate to call us at 978-482-2020 for more help.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, August 20 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Cloud Email Privacy Malware Business Computing Microsoft Software Hackers Internet Google Mobile Devices Network Security Computer IT Services Hosted Solutions Ransomware Business Tech Term Small Business Android Managed IT Services Backup Smartphone Windows Data Management Efficiency Saving Money Business Continuity Data Recovery Hardware User Tips IT Support Browser Innovation Internet of Things Data Backup Cloud Computing App Cybersecurity Data Windows 10 Encryption Business Management Facebook Server Remote Monitoring Gmail Artificial Intelligence Network Windows 10 Infrastructure Managed IT Services IT Support Smartphones Money Productivity Tip of the week Chrome Managed Service Provider Phishing Outsourced IT Communication Word Office 365 Vulnerability Productivity Analytics communications Disaster Recovery Data storage Robot Passwords Big Data Settings Antivirus Google Drive Bandwidth Content Filtering Government YouTube Upgrade Employer-Employee Relationship Risk Management Microsoft Office Social Media Applications Website IT Management Office Tips Vendor Management Company Culture Monitors The Internet of Things Data loss Unified Threat Management Save Money VoIP Telephone Systems Outlook Managing Stress Spam Computing Automation Two-factor Authentication WiFi End of Support Maintenance Virtual Reality Firewall LiFi Avoiding Downtime Hosted Solution Scam Administration Workplace Tips SaaS Mouse HIPAA Miscellaneous Wireless Mobile Security Information Holiday VPN Apple BYOD Storage Mobile Device Alert Data Security Server Management Business Intelligence Business Technology Paperless Office Virtual Private Network Hacker Tech Support Statistics Tablet Regulations How To Lenovo Language Value Monitoring Downloads Mirgation Recycling Chromebook Mail Merge Blockchain IoT Deep Learning Shortcut Distributed Denial of Service Cookies MSP Social Engineering VoIP Unified Threat Management Augmented Reality K-12 Schools Alt Codes Websites Downtime Bluetooth Comparison Social Networking Digital Payment Cybercrime Firefox Superfish Computing Infrastructure Professional Services Spying desktop Chatbots eWaste Digital Address Permissions Star Wars Analysis Disaster Bring Your Own Device Operating System Marketing Social Patch Management Managed IT Service Nanotechnology Development Collaboration Budget Safety Gadgets User Error Wearable Technology Network upgrade Typing Humor Specifications Motherboard Cables Information Technology Remote Computing Customer Relationship Management Alerts USB Employee-Employer Relationship Heating/Cooling Multi-Factor Security Identity Continuity Document Management Spyware Current Events Network Congestion Fraud Cost Management Managed Service Uninterrupted Power Supply Best Practice Computer Care IBM Break Fix Screen Reader Charging File Sharing Users Halloween Time Management Printer Smart Office Cryptocurrency Wi-Fi Search Black Friday Wires Apps Writing Networking Licensing Dongle PowerPoint Solid State Drive Servers Google Calendar Solar Identity Theft IT solutions Going Green Computers Emergency Assessment Google Docs Work Training Corporate Profile Education Hacks Dark Data Dark Web Smart Tech Scary Stories Network Management Access Control Bitcoin Cyber Monday Router Voice over Internet Protocol Automobile Google Wallet Retail Running Cable Cooperation Service Level Agreement Onboarding Hard Disk Drive Politics Buisness Legislation Compliance Printing Display Hotspot Internet Exlporer Slack Dell Business Growth IT Technicians Optimization WannaCry Password Customer Service Virtual Desktop Microsoft Excel Connectivity Cabling Legal Sports Touchscreen SharePoint Windows 8 Managed IT Smart Technology Modem FinTech Google Maps Unified Communications Drones Office Samsung Laptop Quick Tips Techology Staff Leominster IT Budget Black Market Web Server what was your? GPS Mobile Device Management Law Enforcement Electronic Medical Records Notifications IT Consultant Physical Security Twitter Cameras Tracking Mobile Computing Emoji Meetings Upgrades Gadget Cleaning Crowdsourcing Personal Information Botnet CCTV Cortana Webcam 3D Printing Machine Learning BDR Error Processors Virtualization Point of Sale Ben McDonald shares Unsupported Software Update Regulation Travel Computer Repair Relocation G Suite Mobile Data Supercomputer CrashOverride Staffing Recovery Motion Sickness How To Work/Life Balance Health Private Cloud Administrator Taxes

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      What Our Clients Say

      • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
      • 1
      • 2
      • 3