Internet banking is a very popular area for malicious actors to tackle because of the fact that this is the sort of thing that could potentially end up allowing them to access all of the finances of the person whose account they illicitly gain access to. Brazil is currently undergoing a bit of an epidemic, with a new Trojan campaign called Chaes, as spotted by Avast, notably similar to the name of the American bank Chase, stealing credentials from a wide range of Brazil based users since the middle of 2021.
With all of that having been said and now out of the way, it is important to note that there are around eight hundred sites that currently have the ability to infect someone or the other with this malware. When you visit one of these websites, all of which are based on WordPress, you will see a prompt asking you to download Javascript plugin to be able to use the site properly, something that a lot of sites already ask you to do which might make it seem above board.
However, should you download this script, suffice it to say that you will end up with around four or five new plugins in your browser that will attempt to steal all of your financial data. This malware is in some of the most popular sites in Brazil with all things having been considered and taken into account, and even if the sites are cleaned out the users that have had their devices infected with the malware would still need to get rid of it on their own because it’s already in their system.
The JavaScript that the pop up makes you download isn’t even the real malware, rather it prepares your system for the malware that comes later. This just goes to show that you should be really careful when downloading anything and you should always read pop ups to ensure that whatever it is that they are making you download is actually the kind of thing that you need. Many Brazilian users are already facing a lot of problems due to their carelessness in that regard, and this malware might even spread to other countries since it’s still an ongoing issue.
Read next: Phishing continues to create problems for people all around the world
With all of that having been said and now out of the way, it is important to note that there are around eight hundred sites that currently have the ability to infect someone or the other with this malware. When you visit one of these websites, all of which are based on WordPress, you will see a prompt asking you to download Javascript plugin to be able to use the site properly, something that a lot of sites already ask you to do which might make it seem above board.
However, should you download this script, suffice it to say that you will end up with around four or five new plugins in your browser that will attempt to steal all of your financial data. This malware is in some of the most popular sites in Brazil with all things having been considered and taken into account, and even if the sites are cleaned out the users that have had their devices infected with the malware would still need to get rid of it on their own because it’s already in their system.
The JavaScript that the pop up makes you download isn’t even the real malware, rather it prepares your system for the malware that comes later. This just goes to show that you should be really careful when downloading anything and you should always read pop ups to ensure that whatever it is that they are making you download is actually the kind of thing that you need. Many Brazilian users are already facing a lot of problems due to their carelessness in that regard, and this malware might even spread to other countries since it’s still an ongoing issue.
Read next: Phishing continues to create problems for people all around the world