GhostHook v1.0: New Fileless Malware Threatens Browsers on Multiple Platforms

A new malicious program, GhostHook v1.0, is rapidly spreading on a cybercriminal forum. This innovative fileless malware for browsers, developed by the hacker group Native-One, is distinguished by its unique distribution methods and versatility, posing a significant threat to various platforms and browsers.

GhostHook v1.0 supports operation on Windows, Android, Linux, and macOS operating systems. The program is compatible with major browsers, including Google Chrome, Mozilla Firefox, Opera, and Microsoft Edge.

The malware can propagate through seemingly innocuous URLs, which can be disseminated via various channels, including:

• Social media posts;
• Forum messages;
• URLs sent via email;
• SMS messages;
• Messages in WhatsApp, Telegram, XMPP, and other messengers;
• Virtual and physical QR codes.

The main advantage of GhostHook is its ability to operate without file downloads, using the browser to inject malicious code. This allows the program to infiltrate systems unnoticed.

GhostHook can redirect users to any site, download files via direct links, integrate into existing sites, or load custom HTML for specific campaigns or landing pages.

This new malware has the potential to become a powerful tool in the arsenal of cybercriminals. Its active dissemination on hacker forums highlights how quickly such threats can gain popularity and how dangerous they can be.

Both cybersecurity experts and ordinary users must be prepared for this threat, taking all necessary precautions to protect against this new type of malware.