Cloud9 browser extension
We go to a lot of effort working to protect our clients from online security threats. These could come in the form of key loggers that record you as you enter your login information, or DDoS (Distributed Denial of Service) attacks, which overwhelm a service with fake traffic, causing it to crash.
As part of our service, we always advise our clients to install software updates as soon as they become available, and support them through the process where they need help.
But if you visit a website that asks you to install an Adobe Flash update… STOP!
Flash itself was actually discontinued in 2020 and is no longer supported, so you should assume that any Flash update messages will be a security threat.
Currently, fake Flash messages are being used as a cover for a new ‘botnet’ campaign that installs a malicious browser extension, called Cloud9. If you use Google Chrome or Microsoft Edge you could be a target.
How does it work?
A botnet forms a group of infected devices that are controlled as one, without the owners’ knowledge, stealing sensitive data, sending spam, or performing DDoS attacks.
Worse still, the Cloud9 botnet will attempt to install additional malware to your device or network if it’s not stopped in time.
This type of attack is hard to spot because it looks like a genuine request, and just about anyone can become a target.
But there are things you can do to protect your business.
First, make everyone aware of the threat. If your people know what to look out for it’s less likely they’ll install the update in the first place.
Next, make sure everyone’s running the latest version of their browser and that security software is up to date.
Finally, enable Enhanced Protection in your browser’s Privacy and Security settings. This will give you a warning if you stumble upon a risky website or download.
We can help you keep your business protected from cyber criminals. Just get in touch.
Published with permission from Your Tech Updates.