SYMBOLCOMMON_NAMEaka. SYNONYMS
osx.choziosi (Back to overview)

Choziosi

aka: ChromeLoader, Chropex

A loader delivering malicious Chrome and Safari extensions.

References
2022-06-02CrowdStrikeEPP Content Research Team
@online{team:20220602:crowdstrike:3ca0d32, author = {EPP Content Research Team}, title = {{CrowdStrike Uncovers New MacOS Browser Hijacking Campaign}}, date = {2022-06-02}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/how-crowdstrike-uncovered-a-new-macos-browser-hijacking-campaign/}, language = {English}, urldate = {2022-07-18} } CrowdStrike Uncovers New MacOS Browser Hijacking Campaign
Choziosi
2022-05-25Red CanaryAedan Russell
@online{russell:20220525:chromeloader:4877f32, author = {Aedan Russell}, title = {{ChromeLoader: a pushy malvertiser}}, date = {2022-05-25}, organization = {Red Canary}, url = {https://redcanary.com/blog/chromeloader/}, language = {English}, urldate = {2022-05-29} } ChromeLoader: a pushy malvertiser
Choziosi Choziosi
2022-04-25th3protocol blogColin Cowie
@online{cowie:20220425:choziosi:d3c9063, author = {Colin Cowie}, title = {{Choziosi Loader: Multi-platform campaign delivering browser extension malware}}, date = {2022-04-25}, organization = {th3protocol blog}, url = {https://www.th3protocol.com/2022/Choziosi-Loader}, language = {English}, urldate = {2022-05-05} } Choziosi Loader: Multi-platform campaign delivering browser extension malware
Choziosi
2022-03-11BlackberryBlackBerry Research & Intelligence Team
@online{team:20220311:chromeloader:ba7c5d0, author = {BlackBerry Research & Intelligence Team}, title = {{ChromeLoader Infects the Browser by Loading Malicious Extension}}, date = {2022-03-11}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/11/chromeloader-infects-the-browser-by-loading-malicious-extension}, language = {English}, urldate = {2023-03-21} } ChromeLoader Infects the Browser by Loading Malicious Extension
Choziosi Choziosi
2022-01-09Github (xephora)@x3ph1
@online{x3ph1:20220109:observed:a9c75b6, author = {@x3ph1}, title = {{Observed malicious IOCs for the ChromeLoader/CS_installer aka Choziosi Loader Malware}}, date = {2022-01-09}, organization = {Github (xephora)}, url = {https://github.com/xephora/Threat-Remediation-Scripts/tree/main/Threat-Track/CS_INSTALLER}, language = {English}, urldate = {2023-11-23} } Observed malicious IOCs for the ChromeLoader/CS_installer aka Choziosi Loader Malware
Choziosi Choziosi

There is no Yara-Signature yet.