Blog

BNMC Blog

Bredy Network Management Corporation (BNMC) has been serving the Northeast area since 1988. BNMC works as a strategic business partner to provide organizations with proven design, implementation and support solutions.

There’s Nothing “Smashing” About the Nigelthorn Malware

There’s Nothing “Smashing” About the Nigelthorn Malware

Once again, there is an example of why all users need to be careful about what they install. This time, however, users of the Google Chrome browser are the ones being specifically targeted by a particularly nasty attack known as “Nigelthorn.”

Nigelthorn’s Method of Attack
When scrolling on Facebook, a user may see what appears to be a link to a YouTube video, but is actually a fake. This fraudulent video will then inform the user that in order for it to be played, an extension from the Chrome Web Store, called “Nigelify,” has to be installed. In reality, installing the extension allows the malware into the user’s system.

In order to fool its way past the Chrome Web Store defenses, Nigelthorn’s code is implanted into an extension that has already passed the Web Store’s checks. The first extension to be infected was one called “Nigelify,” which would replace all the pictures on the page a user was viewing with images of Nigel Thornberry, a late 1990’s/early 2000’s cartoon character who has found new life as a meme.

Once Nigelthorn is installed, it can have various effects on the infected system. For instance, not only will this attack vector steal the data that is available through Facebook, it will also share itself via Facebook Messenger, or by tagging the original victim’s friends. This makes it very effective at spreading from victim to victim, as all it takes it to infect the next person in line is for them to install the infected extension as well.

Nigelthorn has also been found to use other common tools that are found in malware in order to accomplish the goal of its developer, including cryptomining and YouTube manipulation for financial gain.

Getting Rid of Nigelthorn (and Avoiding It in the First Place)
What’s worse is that once Nigelthorn has been installed, it is notoriously hard to get rid of. If you have inadvertently installed Nigelthorn, it will automatically close the extensions panel, preventing you from uninstalling it. This means that removing it will likely require you to uninstall Chrome. If you are unlucky enough to be infected, you should change your Google and Facebook credentials in case they were stolen by the malware.

As for avoiding Nigelthorn, the surest is to not click on the link. As long as the user in question knows not to click on fishy links or install additional extensions willy-nilly, using Chrome is still workably safe.

For more information about potential threats to your business’ cybersecurity, and how to stop them, keep reading out blogs, and don’t hesitate to call us at (978) 482-2020 for more help.

 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 28 March 2024

Captcha Image

News & Updates

BNMC is proud to announce the launch of our new website at https://bnmc.net. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

itc

Contact us

Learn more about what BNMC can do for your business.

Copyright BNMC. All Rights Reserved.