The Evolution of the Chromeloader Malware


Executive Summary

ChromeLoader proves to be an extremely prevalent and persistent malware. It initially drops as an .iso and can be used to leak users’ browser credentials, harvest recent online activity and hijack the browser searches to display ads. The VMware Carbon Black Managed Detection and Response (MDR) team observed the first Windows variants of ChromeLoader in the wild in January 2022 and the macOS version in March 2022.

There are some variants known to ChromeLoader, including Chrome…

Read More