Powered by Zoomin Software. For more details please contactZoomin

Flowmon ADS BPATTERNS Description

Table of Contents

DroidclubBotnet - description

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: May 1, 2026
  • 1 minute read
    • Flowmon Products
    • Flowmon Anomaly Detection System
    • Documentation

Malicious Chrome extensions forming DroidClub botnet discovered in Chrome Web Store

DroidclubBotnet is a botnet that spreads through malvertising and is downloaded as a Chrome extension from the official Chrome Web Store.

The botnet injects advertisements and cryptocurrency mining scripts into websites. The advertisements can appear at various intervals as new tabs or windows. Additionally, certain words on legitimate websites may contain links to advertisements. The botnet also replaces original advertisements with those controlled by attackers. It misuses web analytics libraries to compromise user privacy and can collect credit card numbers, CVC codes, and other sensitive information. However, it does not capture passwords because the analytics library is not designed to collect password data.

DroidclubBotnet infection flow diagram
DroidclubBotnet infection flow diagram

TitleResults for “How to create a CRG?”Also Available inAlert