![]() ![]() ![]() ![]() This does not mean that Tampermonkey is malicious, but rather that a malicious program is utilizing a legitimate program for bad behavior.Īs you can see from this sample on VirusTotal, Gom Player is manually installing the dhdgffkkebhmkfjojejmpbldmpobfkfo extension to the victim's drive. This type of program may be utilizing an extension like Tampermonkey to facilitate the injection of ads or other malicious behavior. Gom Player is known for modifying browser behavior, injecting ads, and changing search behavior in browsers. When we saw this story first reported by TechDows, BleepingComputer began researching malware samples and was able to discover a sample of an adware called Gom Player that is installing the Chrome Web Store version of Tampermonkey. Unfortunately, BleepingComputer does not have the answers to this at this time and have reached out to Opera for more information. This is where it gets a bit confusing as they don't really explain what the actual issue is? Is the extension being modified, which means its not the same extension anymore as the one on the Chrome Web Store and should not be blocked, or is it being used by another program/extension to bypass the acceptance criteria? The message then goes on to say that the installed extension is being "used as a vehicle to circumvent our acceptance criteria for browser extensions." ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |