After noticing a browser extension communicating with a suspicious domain, researchers analyzed the Google Chrome extension named Desbloquear Conteudo (unblock content) and found that it was a rare banker malware. The extension, identified as HEUR:Trojan-Banker.Script.Generic has been removed from Chrome Web Store.

Read full news article on Infosecurity