Rilide is a new malware strain disguised as a legitimate Google Drive extension. It enables threat actors to carry out a broad spectrum of malicious activities, including monitoring browsing history, taking screenshots, and injecting malicious scripts to withdraw funds from various cryptocurrency exchanges. It can also display forged dialogs that deceive users into entering a two-factor authentication code so that digital assets can be withdrawn. The origins of Rilide are unknown, but it is believed that the malware was created in March 2022 by a threat actor who advertised the sale of a botnet with similar functionalities.