Out of the Box Solutions Blog

The Nigelthorn Malware is a Lot Less Friendly than its Namesake

The Nigelthorn Malware is a Lot Less Friendly than its Namesake

You can never be too careful about what you install on your computers. In this most recent example, Google Chrome users are finding themselves targeted by a new type of malware called Nigelthorn.

Nigelthorn’s Method of Attack
The scam works like this; you encounter a link to a fake YouTube video on social media. If the user clicks on this link, they will be asked to download the Nigelify extension from the Chrome Web Store before viewing the contents of the video. If the user installs this extension, this malware can run rampant on their system.

The Google Chrome Web Store has several measures put in place to keep threats from sneaking onto the store, but Nigelthorn’s code is found on an extension that has passed the Web Store’s tests. In this case, the affected extension, Nigelify, replaces all images on a page with images of Nigel Thornberry, a late 1990s/early 2000s cartoon character who has emerged as a meme in recent years. Essentially, this malware is taking advantage of people’s fondness for nostalgia.

Once Nigelthorn has been installed, it will affect the system in various ways. It can steal your data available through Facebook, but if this isn’t enough, it can also share itself out to any of your contacts via Facebook Messenger or tagging your friends to potentially infect them as well. This aggressive manner of spreading makes it quite effective at collecting a large amount of information, as well as keeping itself out there in the world, still relevant enough to be a concern.

Nigelthorn is also capable of using other malware tools in order to pull off its scam, including methods such as cryptomining and YouTube manipulation to raise money and attack more targets.

How to Prevent Infection in the First Place
Another big pain about the Nigelthorn malware is that it can be quite difficult to get rid of. If you’ve accidentally installed Nigelthorn in your web browser, it will close the extensions panel--an extreme way of keeping you from uninstalling it. The only way to get rid of this malware is to uninstall Chrome entirely, and you’ll also want to change any credentials that may have been stolen by the malware.

As is the case with most threats, the most effective countermeasure is to just not click on the link that downloads the malware in the first place. As long as a user knows not to click on suspicious links, Chrome can be reasonably safe.

For more information on the latest threats to your organization’s security, subscribe to Out of the Box Solutions’s blog and reach out to us at 800-750-4OBS (4627).

What Are the Differences Between Business Intellig...
Businesses Thrive with Dedicated Proactive Mainten...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, April 20 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Network Security Productivity User Tips Privacy Internet Tech Term Efficiency Communication Smartphones Microsoft Google Data Hardware Email Cybersecurity Innovation Mobile Device Browser IT Support Android Cloud Users Malware Mobile Devices Business Passwords Windows 10 Ransomware Collaboration IT Services Communications Network Business Management Small Business Bandwidth Software Data Backup Applications Wi-Fi Outsourced IT Backup Saving Money Wireless Managed IT Services Data recovery Internet of Things Holiday Hackers Workplace Tips Managed IT services Business Intelligence VoIp Marketing Blockchain Hosted Solutions Social Media Information Networking Cloud Computing Employer-Employee Relationship Apps Cost Management Virtualization Data Security VPN Net Neutrality Gadgets Compliance Data Management Managed IT Service Computers BDR Remote Monitoring and Management G Suite Save Money Patch Management Tech Terms Remote Computing Computer Access Control Office Microsoft Office Automation Paperless Office Smartphone Office 365 Medical IT Artificial Intelligence Cortana Connectivity Chrome Analytics Virtual Assistant Password Facebook Wireless Charging Healthcare Gmail Managed Service Mobility Workers Ink Vulnerabilities Specifications Plug-In Managing Stress Wireless Internet Spam Voice over IP Twitter Update IT Management Router GDPR Spyware Employees Sales Streaming Media Database Voice over Internet Protocol Training Millennials Government PowerPoint Touchscreen Cryptocurrency Big Data Environment Proactive IT Help Desk WannaCry Server Management Edge Virus Inventory Unified Communications Outlook Server Websites Internet Explorer Personal Information HP Tablet Backup and Disaster Recovery Downloads Human Resources Settings Cybercrime Security Cameras Business Technology Sports Microsoft Office 365 Conferencing e-waste Business Continuity HIPAA Antivirus Data Protection RAM Profitability Safety Threat Storage E-Commerce Document Management Telecommute Excel Hard Drives Trends Miscellaneous Employee-Employer Relationship IT budget Tactics Reporting Word Time Management Physical Security disposal Bring Your Own Device Upgrade Hard Drive Dark Web Payment Staff Mobile Security Amazon Microsoft Teams Eliminating Downtime Lead Generation Network Attached Storage Telecommuting Printing Knowledge SSD A.I. Electronic Health Records Battery Tip of the week Wearables Processors Phishing Authentication eCommerce Laptop Content Filtering Value Analysis Hybrid Cloud Certification Paper Error instant Messaging Comparison Operating System Company Culture BYOD Dongle Digital Data loss Telephony Movies Troubleshooting Health User Tip Maintenance SaaS Vulnerability Machine Learning Data Breach Technology Tips Authorization Chrome OS Online Shopping Cables Quick Tips Solid State Drive Disaster Recovery Regulation Windows 7 Hard Disk Drive Printers Alert