With the new browser botnet, Cloud9, waiting to penetrate your browsers remotely to access and steal your sensitive and confidential data, it can be challenging to stay safe while browsing the internet. As reported by Bleeping Computer, this Remote Access Trojan named Cloud9 allows cyberattackers to execute commands remotely to steal your data. This malicious extension is not found in the Chrome store, but has been reported to be installed by other means.
What’s the story of Cloud9?
The malicious Cloud9 extension consists of three JavaScript files that can gather system information, leverage host resources to mine cryptocurrency, perform DDoS attacks, and inject code to run browser exploits.
The following exploits for vulnerabilities have been observed on various browsers:
-
Firefox: CVE-2019-11708 and CVE-2019-9810
-
Internet Explorer: CVE-2014-6332 and CVE-2016-0189
-
Edge: CVE-2016-7200
These exploits automatically install and run Windows malware on the host machines, which not only can lead to further system compromises.
Learn how Browser Security Plus can help you avoid Cloud9 problems
With Browser Security Plus, you can manage the extensions that are installed on your browsers across your network. To defeat this malicious Remote Access Trojan, all you have to do is allowlist the safe and wanted extensions in all your browsers. To do this:
-
Log in to your Browser Security Plus console.
-
Navigate to Policies > Add-on Management.
-
Allow only the required and safe extensions.
And just like that, your browsers are secure from this wild, malicious extension.
Why it’s so important to manage extensions on your browsers
In the first half of 2022, 1.3 million users suffered data breaches because of harmful extensions. Don’t want your enterprise to become a victim of such attacks? Here’s how you can manage these extensions seamlessly using Browser Security Plus
-
Discover potentially harmful extensions being used in your network.
-
Remove unnecessary extensions.
-
Block permissions directly instead of blocking extensions. This will ensure that all extensions that use the blocked permissions will in turn be removed.
-
Gain comprehensive insights about the extensions that are installed on your browsers.
-
Allowlist and blocklist extensions based on user requirement.
In order to avoid extensions being installed from unknown and third-party stores, Browser Security Plus allows you to maintain your own extension repository where you can add extensions based on their extension identifier.
Apart from this, with Browser Security Plus you gain holistic insights about the browsers, extensions, and plug-ins used in your network. You can also lock down your enterprise browsers, harden your browser settings, and filter out malicious web applications to stay safe from cyberattacks. Learn more about implementing a safe browsing experience for your end users!
Browser Security Plus is your one-stop solution to prevent browser-based attacks and manage multiple browsers across your enterprise network. Secure your browsers now! Get a free, 30-day trial here!