SYMBOLCOMMON_NAMEaka. SYNONYMS
osx.choziosi (Back to overview)

Choziosi

aka: ChromeLoader, Chropex

A loader delivering malicious Chrome and Safari extensions.

References
2022-06-02CrowdStrikeEPP Content Research Team
@online{team:20220602:crowdstrike:3ca0d32, author = {EPP Content Research Team}, title = {{CrowdStrike Uncovers New MacOS Browser Hijacking Campaign}}, date = {2022-06-02}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/how-crowdstrike-uncovered-a-new-macos-browser-hijacking-campaign/}, language = {English}, urldate = {2022-07-18} } CrowdStrike Uncovers New MacOS Browser Hijacking Campaign
Choziosi
2022-05-25Red CanaryAedan Russell
@online{russell:20220525:chromeloader:4877f32, author = {Aedan Russell}, title = {{ChromeLoader: a pushy malvertiser}}, date = {2022-05-25}, organization = {Red Canary}, url = {https://redcanary.com/blog/chromeloader/}, language = {English}, urldate = {2022-05-29} } ChromeLoader: a pushy malvertiser
Choziosi Choziosi
2022-04-25th3protocol blogColin Cowie
@online{cowie:20220425:choziosi:d3c9063, author = {Colin Cowie}, title = {{Choziosi Loader: Multi-platform campaign delivering browser extension malware}}, date = {2022-04-25}, organization = {th3protocol blog}, url = {https://www.th3protocol.com/2022/Choziosi-Loader}, language = {English}, urldate = {2022-05-05} } Choziosi Loader: Multi-platform campaign delivering browser extension malware
Choziosi
2022-03-11BlackberryBlackBerry Research & Intelligence Team
@online{team:20220311:chromeloader:ba7c5d0, author = {BlackBerry Research & Intelligence Team}, title = {{ChromeLoader Infects the Browser by Loading Malicious Extension}}, date = {2022-03-11}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/11/chromeloader-infects-the-browser-by-loading-malicious-extension}, language = {English}, urldate = {2023-03-21} } ChromeLoader Infects the Browser by Loading Malicious Extension
Choziosi Choziosi
2022-02-03GdataKarsten Hahn
@online{hahn:20220203:qr:16d5c91, author = {Karsten Hahn}, title = {{QR codes on Twitter deliver malicious Chrome extension}}, date = {2022-02-03}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/2022/01/37236-qr-codes-on-twitter-deliver-malicious-chrome-extension}, language = {English}, urldate = {2022-05-05} } QR codes on Twitter deliver malicious Chrome extension
Choziosi

There is no Yara-Signature yet.