ir-22-266-001 (1)

10827725278?profile=RESIZE_400xChromeLoader proves to be an extremely prevalent and persistent malware.  It initially drops as an .iso and can be used to leak users’ browser credentials, harvest recent online activity, and hijack browser searches to display ads.  The VMware Carbon Black Managed Detection and Response (MDR) team observed the first Windows variants of ChromeLoader in the wild in January 2022 and the macOS version in March 2022.   There are some variants known to ChromeLoader, including ChromeBack and Choziosi L