CyberX

Malware Rilide: A New Cyber Threat

Rilide is a cyber threat that is not yet among the best known, but it has been noticed and can be dangerous. It disguises itself as a legitimate extension for Chromium-based browsers. Once installed, Rilide performs various malicious activities: it monitors the browser's history, takes screenshots, and collects confidential data and cryptocurrencies, which are diverted to the hackers.


Furthermore, the extension not only allows the loading of external resources that would normally be blocked by the browser, but also disables the 'Content Security Policy', a security measure created to prevent Cross-site Scripting (XSS) attacks.

Malware Features. Source: Trustwave

It is still not possible to know the origin of Rilide, but Trustwave, a leading provider of cybersecurity services, found a post created in March last year on a clandestine forum advertising the sale of a botnet with functionality identical to Rilide's. Since then, a portion of the malware's source code has found its way onto the forums after an unresolved payment dispute.


On computers infected with Rilide, unwanted ads appear that redirect users to dangerous sites in order to steal their personal data. Furthermore, the malware can display pop-ups designed to trick users into entering a two-factor authentication code, which is then used to transfer cryptocurrencies.


The figure below highlights Rilide's infection chains, such as Google Ads:

Infection Chains. Source: Trustwave

Rilide demonstrates the increasing sophistication of malicious browser extensions, which now feature live monitoring and automated money-stealing systems.


To avoid any risk of infection, it is important to adopt security measures, such as updating the operating system and antivirus software, not accessing suspicious links and unknown email attachments, and avoiding the installation of extensions and software from untrustworthy sources, such as third party download websites.


Finally, users should be on the lookout for any suspicious browser behavior such as unauthorized redirects and pop-ups. If there is a chance of Rilide malware infection, it is essential that a full system scan be done immediately with up-to-date antivirus software and help from a cybersecurity professional, if necessary.
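
As an added example (not from Trustwave or from the malware's code), the script below triages an extension's `manifest.json` for the capabilities described above: rewriting response headers such as the Content Security Policy, reading browsing history, and taking screenshots. The mapping from those behaviours to Chromium permission names is an assumption based on the public extension permission model, and both sample manifests are constructed.

```python
# Assumption: this capability-to-permission mapping is an editorial one based on
# the public Chromium extension permission model, not taken from Rilide's code.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
HEADER_APIS = {"declarativeNetRequest", "declarativeNetRequestWithHostAccess"}


def audit_manifest(manifest: dict) -> list:
    """List which behaviours described in the article a manifest would permit."""
    perms = set()
    # Manifest V2 keeps host patterns in "permissions"; V3 uses "host_permissions".
    for key in ("permissions", "host_permissions"):
        perms.update(p for p in manifest.get(key, []) if isinstance(p, str))

    broad = bool(perms & BROAD_HOSTS)
    mv2_blocking = {"webRequest", "webRequestBlocking"} <= perms
    findings = []
    if broad and (mv2_blocking or perms & HEADER_APIS):
        findings.append("can rewrite response headers (e.g. strip CSP) on all sites")
    if "history" in perms:
        findings.append("can read browsing history")
    if "<all_urls>" in perms:
        findings.append("can capture screenshots of the visible tab")
    return findings


def needs_review(manifest: dict) -> bool:
    """Flag header rewriting combined with at least one data-collection capability."""
    findings = audit_manifest(manifest)
    return len(findings) >= 2 and findings[0].startswith("can rewrite")


# Constructed sample manifests (not real extensions).
SUSPICIOUS = {
    "manifest_version": 3,
    "name": "Example Drive Helper",
    "permissions": ["declarativeNetRequest", "history", "tabs", "scripting"],
    "host_permissions": ["<all_urls>"],
}
BENIGN = {
    "manifest_version": 3,
    "name": "Example Note Taker",
    "permissions": ["storage", "activeTab"],
}

if __name__ == "__main__":
    for m in (SUSPICIOUS, BENIGN):
        print(m["name"], needs_review(m), audit_manifest(m))
```

A flagged manifest is a prompt for manual review, not proof of infection, since legitimate extensions such as ad blockers request similar permissions.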


Did you already know about the Rilide malware? Stay tuned for more news and updates.
