300,000 Chrome and Edge users affected by new Trojan malware campaign. Are you one of them? Here's how to find out.

malware
(Image credit: Getty Images/CHUYN)

If you've been struggling to remove an extension in Google Chrome or Microsoft Edge, your device may be under a trojan malware attack.

According to an August 6 report from Reason Labs, a consumer-focused cybersecurity firm, a newly identified malware campaign has affected "at least 300,000 users across Google Chrome and Microsoft Edge." 

This sophisticated malware campaign involves a multiple-stage attack, but Reason Labs identified the initial source as malicious advertising, or malvertising, that directs users to false imitations of download pages for popular software, such as Roblox FPS Unlocker, YouTube, VLC media player, Steam, or KeePass.

original site vs malicious site

(Image credit: Reason Labs)

If someone clicks 'Download' on one of these malicious websites, it installs a Trojan — which is aptly shortened from Trojan horse, something that masquerades as one thing when it's actually another — instead of the software the user was intending to download.

Once successfully installed, Reason Labs says the trojan malware can force install more malicious extensions for Chrome and Edge, prevent browser updates, put devices at risk for future attacks, and steal private, personal data.

Reason Labs "alerted Google and Microsoft" upon discovering the issue, and "they are taking the appropriate measures."

Here's how to find out if your laptop is infected and how to remove the malware plaguing your system.

How to find and remove this trojan malware from Chrome and Edge

One thing all affected devices have in common with this attack is malicious extensions. Look at your installed extensions in Chrome and Edge and see if any stand out as ones you didn't install.

Reason Labs believes there are likely more, but mentioned a few known malicious Chrome extensions, including "Micro Search" and "yglSearch." For Microsoft Edge users, look for a "Simple New Tab" extension.

malicious chrome extensions

(Image credit: Reason Labs)

Unfortunately, this malware has persistence mechanisms, which means that even if you successfully remove the malicious extension, a scheduled task will put the malware right back on your computer as soon as it reboots.

Because of these persistence mechanisms, Reason Labs notes that the scheduled task, some registry keys, and the malware files must be removed from the device to eliminate this Trojan malware.

Reason Labs provides easy-to-follow instructions for each step of the malware removal process, but if you're not comfortable messing with your computer's Registry Editor (which can be dangerous if you don't know what you're doing), reach out to a tech-savvy friend or a professional to help you make your device malware-free.

MORE FROM LAPTOP MAG

Category
Arrow
Arrow
Back to Apple MacBook Pro
Brand
Arrow
Processor
Arrow
RAM
Arrow
Storage Size
Arrow
Screen Size
Arrow
Colour
Arrow
Screen Type
Arrow
Condition
Arrow
Price
Arrow
Any Price
Showing 10 of 476 deals
Filters
Arrow
Load more deals
Sarah Chaney
Contributing Writer

Sarah Chaney is a freelance tech writer with five years of experience across multiple outlets, including Mashable, How-To Geek, MakeUseOf, Tom’s Guide, and of course, Laptop Mag. She loves reviewing the latest gadgets, from inventive robot vacuums to new laptops, wearables, and anything PC-related. When she's not writing, she's probably playing a video game, exploring the outdoors, or listening to her current favorite song or album on repeat.