Security News > 2023 > June > New ‘Shampoo’ Chromeloader malware pushed via fake warez sites
A new ChromeLoader campaign is underway, infecting visitors of warez and pirated movie sites with a new variant of the search hijacker and adware browser extension named Shampoo.
ChromeLoader is a browser hijacker that force-installs browser extensions that redirect search results to promote unwanted software, fake giveaways, surveys, adult games, dating sites, and other irrelevant results.
More recently, in February 2023, security researchers at ASEC discovered a campaign where ChromeLoader malware was distributed in VHD files named after popular video games.
HP's analysts report that in the campaign that started in March 2023, ChromeLoader is distributed via a network of malicious websites that promise free downloads of copyrighted music, movies, or video games.
Shampoo is a variant of ChromeLoader, capable of injecting adverts on websites the victim visits and performing search query redirections.
"Removing ChromeLoader Shampoo is not as simple as uninstalling a legitimate extension," warns HP in the report.