BNMC Blog

There’s Nothing “Smashing” About the Nigelthorn Malware

There’s Nothing “Smashing” About the Nigelthorn Malware

Once again, there is an example of why all users need to be careful about what they install. This time, however, users of the Google Chrome browser are the ones being specifically targeted by a particularly nasty attack known as “Nigelthorn.”

Nigelthorn’s Method of Attack
When scrolling on Facebook, a user may see what appears to be a link to a YouTube video, but is actually a fake. This fraudulent video will then inform the user that in order for it to be played, an extension from the Chrome Web Store, called “Nigelify,” has to be installed. In reality, installing the extension allows the malware into the user’s system.

In order to fool its way past the Chrome Web Store defenses, Nigelthorn’s code is implanted into an extension that has already passed the Web Store’s checks. The first extension to be infected was one called “Nigelify,” which would replace all the pictures on the page a user was viewing with images of Nigel Thornberry, a late 1990’s/early 2000’s cartoon character who has found new life as a meme.

Once Nigelthorn is installed, it can have various effects on the infected system. For instance, not only will this attack vector steal the data that is available through Facebook, it will also share itself via Facebook Messenger, or by tagging the original victim’s friends. This makes it very effective at spreading from victim to victim, as all it takes it to infect the next person in line is for them to install the infected extension as well.

Nigelthorn has also been found to use other common tools that are found in malware in order to accomplish the goal of its developer, including cryptomining and YouTube manipulation for financial gain.

Getting Rid of Nigelthorn (and Avoiding It in the First Place)
What’s worse is that once Nigelthorn has been installed, it is notoriously hard to get rid of. If you have inadvertently installed Nigelthorn, it will automatically close the extensions panel, preventing you from uninstalling it. This means that removing it will likely require you to uninstall Chrome. If you are unlucky enough to be infected, you should change your Google and Facebook credentials in case they were stolen by the malware.

As for avoiding Nigelthorn, the surest is to not click on the link. As long as the user in question knows not to click on fishy links or install additional extensions willy-nilly, using Chrome is still workably safe.

For more information about potential threats to your business’ cybersecurity, and how to stop them, keep reading out blogs, and don’t hesitate to call us at 978-482-2020 for more help.

 

Comments 1

Herman Montoya on Tuesday, 20 November 2018 02:07

There is nothing smashing about the all Nigel thorn malware that was going to start on this week at this level of stage. I have to get about all the participants of this that I got from https://www.essaywritingboo.com/review-of-essayontime/ this was the first company who have the list of this.

There is nothing smashing about the all Nigel thorn malware that was going to start on this week at this level of stage. I have to get about all the participants of this that I got from https://www.essaywritingboo.com/review-of-essayontime/ this was the first company who have the list of this.
Already Registered? Login Here
Guest
Monday, December 17 2018

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Technology Email Cloud Privacy Malware Business Computing Hackers Business User Tips Network Security Software Microsoft Google Computer Tech Term Internet IT Services Hosted Solutions Efficiency Ransomware Mobile Devices Small Business Communication IT Support Smartphone Android Managed IT Services Data Productivity Backup Managed IT Services Windows Data Management Internet of Things Cloud Computing Saving Money Data Recovery Browser Business Continuity Innovation Hardware Windows 10 Business Management Productivity Data Backup Workplace Tips Microsoft Office Cybersecurity App Encryption Passwords Upgrade Outsourced IT Word Server Office 365 Facebook Remote Monitoring Gmail Artificial Intelligence Mobile Device Windows 10 Disaster Recovery Tip of the week Smartphones Chrome Managed Service Provider Analytics Phishing communications Vulnerability Employer-Employee Relationship BYOD Network Applications IT Support Website Money Infrastructure Company Culture Big Data Google Drive Bandwidth VoIP Content Filtering Maintenance Miscellaneous Antivirus Settings Government Users YouTube Data storage IT Management Social Media Risk Management Managed Service Office Tips Robot Save Money Hosted Solution Telephone Systems Information The Internet of Things Automation Administration desktop End of Support Two-factor Authentication Mouse Avoiding Downtime Firewall Managing Stress Virtual Reality Scam Education Apple Development Storage SaaS Wireless Printing HIPAA Holiday Access Control VPN Mobile Security Data Security Alert Business Technology Display Server Management Paperless Office Employee-Employer Relationship Touchscreen Virtual Private Network Outlook Quick Tips Spam Computing Business Intelligence Monitors WiFi Vendor Management Operating System Laptop Data loss Unified Threat Management LiFi Typing Humor Language Value VoIP Unified Threat Management Social Engineering Mobility Information Technology Regulations Shortcut Distributed Denial of Service IoT Firefox Superfish Co-Managed IT Digital Payment Current Events Mirgation Recycling Bluetooth Comparison Websites Best Practice Onboarding Digital Augmented Reality K-12 Schools Disaster Cookies MSP Address Permissions Cryptocurrency Computing Infrastructure Professional Services User Error Safety Print Toner Downtime Collaboration Apps Social Networking Patch Management Managed IT Service Slack Cybercrime Star Wars Customer Relationship Management Content Remote Computing Marketing IT solutions Going Green Chatbots eWaste Specifications Google Docs Network Congestion Digital Signage Gadgets Document Management Hacks Spyware Wearable Technology Network upgrade Heating/Cooling Multi-Factor Security Uninterrupted Power Supply Nanotechnology Computer Care Bitcoin IBM Alerts USB Time Management Printer File Sharing Google Wallet Motherboard Cables Break Fix Monitoring Business Growth Solid State Drive Fraud Cost Management Networking Writing Streaming Identity Continuity Search Black Friday Wi-Fi Emergency Computers Troubleshooting Halloween Identity Theft Password Smart Office Servers Google Calendar Legal Screen Reader Charging Update Training Windows 8 Corporate Profile Licensing Dongle Network Management Unified Communications Drones Wires Dark Web Dark Data Spying Hacker Hard Disk Drive Assessment Retail Human Error Automobile Solar Cyber Monday Analysis Smart Tech Scary Stories Mobile Device Management Work Legislation Politics Deep Learning Dell Customer Service Running Cable WannaCry Cooperation Service Level Agreement SharePoint Cabling Router Voice over Internet Protocol Microsoft Excel Alt Codes Hotspot Internet Exlporer Techology Office Device Samsung Buisness Google Maps Compliance Managed IT Smart Technology Connectivity How To Lenovo LED Sports IT Technicians Optimization Statistics Tablet Tech Support Virtual Desktop Bring Your Own Device PowerPoint Chromebook Social Staff Leominster Downloads Budget Modem FinTech Mail Merge Blockchain IT Consultant Notifications Electronic Medical Records Twitter Physical Security Cameras Emoji Tracking Upgrades Gadget Meetings Cleaning Crowdsourcing Personal Information Botnet CCTV Cortana 3D Printing Webcam Processors Error Machine Learning Virtualization Unsupported Software Point of Sale Ben McDonald shares Travel BDR G Suite Computer Repair Relocation Regulation Printers Supercomputer CrashOverride Mobile Data Recovery Staffing How To Work/Life Balance Motion Sickness Taxes Administrator Health Private Cloud Black Market IT Budget Mobile Computing Web Server what was your? GPS Law Enforcement

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3