Users can not leave a malicious website while they don’t agree to install the proposed malicious Chrome browser extension.
The Malwarebytes cyber security analytic Jérôme Segura has informed about a new malicious campaigns affecting Google Chrome users. The attackers use annoying “Add Extension to Leave” pop-ups to send the victims to an infected website which contains an adware app. The redirected users are not able to leave this malicious website until they download and install the imposed Google Chrome browser extension.
Once installed on system, this extension performs the following actions. First of all, the application blocks user’s access to chrome://extensions and chrome://settings pages. If you try to open Chrome Extensions or Chrome Settings, you will be automatically redirected to the chrome://apps page.
The adware extension also intercepts and redirects web traffic. One you try to visit a website with some certain keywords in the URL, you will be redirected to a malicious website in order to bring the attackers a profit from malvertising. The victims are typically redirected to different types of websites – from suspicious websites showing various online advertising to fake tech support services.
According to Malwarebytes, the behavior of this malicious browser extension is somewhat surprising, since most adware campaigns typically redirect users to more dangerous websites which contain exploit kits infecting computers with ransomware or bank trojans.