LASER_oneXM

Level 31
Verified
As a Mac malware specialist, I’ve seen more than my share of folks saying “Macs don’t get viruses” over the years. I’ve seen and experienced first-hand that this isn’t true—even on iOS, where despite having tight, built-in security, iPhones are still capable of getting infected by rare malware. I suppose that I shouldn’t be surprised, then, when I hear someone claim that “viruses on Chrome OS don’t exist.”

Although it’s certainly true that viruses—the class of malware that spreads itself by injecting malicious code into other processes—really don’t exist to a significant degree these days, even on Windows, it’s definitely not true that any platform is impervious to malware. Chromebooks are no exception.
 

askalan

Level 15
Malware Hunter
Verified
I have heard that there is also Ransomware for Chromebooks. In order not to get this ransomware and to keep your own data, you have to be careful not to throw the Chromebook out of your window... Otherwise all data is gone.

"Bad guys can get away with a lot of bad stuff, including stealing user data, phishing for passwords, hijacking CPU power for the purpose of a botnet or cryptomining, and more, all without admin permissions. The same is true on Chrome OS."


No wonder. It's a laptop with an Internet browser. Everyone who uses an Internet browser is exposed to these dangers (as well as Linux users, they are not protected from phishing sites).

"Since there is, definitively, already malware that can affect Chromebooks, it's reasonable to install antivirus software on a Chromebook."
Yes and I guess MalwareBytes for Android/ChromeOS will protect me best.
 

JM Safe

From Zemana
Verified
I have heard that there is also Ransomware for Chromebooks. In order not to get this ransomware and to keep your own data, you have to be careful not to throw the Chromebook out of your window... Otherwise all data is gone.

"Bad guys can get away with a lot of bad stuff, including stealing user data, phishing for passwords, hijacking CPU power for the purpose of a botnet or cryptomining, and more, all without admin permissions. The same is true on Chrome OS."

No wonder. It's a laptop with an Internet browser. Everyone who uses an Internet browser is exposed to these dangers (as well as Linux users, they are not protected from phishing sites).

"Since there is, definitively, already malware that can affect Chromebooks, it's reasonable to install antivirus software on a Chromebook."
Yes and I guess MalwareBytes for Android/ChromeOS will protect me best.
Agree.
 

Inquisitive

Level 1
First, the article brings up every single "bad" thing that could be thought of to scare the readers. Then, conveniently at the end, it turns out that there's a solution to all these horrible, nasty, imminent(according to them) problems. And what's that? Oh, to buy our product of course! I should've seen this coming, first their product went sailing down hill, it was only a matter of time before their blog started to follow.
 

JM Safe

From Zemana
Verified
That was just an example. I wanted to make it clear that there will always be a way to get infected as long as you call a password theft an infection, like MalwareBytes.
Yes, a lot of people say on Unix for example security software or extensions are useless, well in my opinion they are not useless. Now I am switched back to Windows 10 (I will share my new config in 2019) but even with linux I had Firejail, GUFW (firewall) and security extensions on the browser.
 

Slyguy

Level 40
It's pretty obvious who is running Malwarebytes now.. The marketing shills.

Before everyone gets their panties all bunched up let me point out that this article is a pile of FUD. Everyone keeps saying 'I hear there is' or 'rumor has it'. But the fact remains, there isn't any malware out there that can directly infect ChromeOS itself. The article referenced above doesn't even provide any measurable evidence of malware for ChromeOS.

So, what's the threat vectors for ChromeOS? As of yet, none, speaking of the OS itself. What are 'potential' vectors? Only two;

1) Installing bad extensions. In which case, they are still isolated in ChromeOS and contained to the browser sandbox process. The worst case, it can infiltrate your browsing experience. Solution: Don't install extensions or be careful of the extensions you do install. Done. Problem solved.

2) Allowing Googleplay for Chrome OS. However I will carefully point out that Android Malware DOES NOT equal ChromeOS malware. In more cases than not (roughly 99%), that malware is coded to impact Android Phones/Tablets and has no functionality in ChromeOS itself. However it can do 'things' within the Android Container isolated from ChromeOS since it doesn't have any access to ChromeOS user space it's irrelevant in most cases.

In all cases illustrated, we still have no evidence of any actual ChromeOS malware in existence unless someone can present one, and demonstrate it hijacking a ChromeOS itself (not browser, not android emulation) Laptop in video format, without disabling Verified Boot, etc. Companies like Malwarebytes are sustained by a constant flow of vulnerable operating systems and fearmongering. ChromeOS and other more secured OS's present a viable, real-time threat to Malwarebytes declining presence in the world.

PS: Look at the comments on that article. MBAM is getting savaged because really, the article amounts to lies.
 

DeepWeb

Level 22
Verified
Everything can and will get infected but a Chromebook running on an ARM chip with a separate security processor is probably 1000x safer than a Windows laptop. Not even joking about 1000x. How much true malware is there for Chromebooks compared to Windows? What's the likelihood you run into that malware? The biggest risk is like people have said already: phishing and privacy.
 

Slyguy

Level 40
Everything can and will get infected but a Chromebook running on an ARM chip with a separate security processor is probably 1000x safer than a Windows laptop. Not even joking about 1000x. How much true malware is there for Chromebooks compared to Windows? What's the likelihood you run into that malware? The biggest risk is like people have said already: phishing and privacy.
Absolutely. ChromeOS is the only thing I am confident about putting online 24/7 without any concern for any voodoo happening with it. Not a concern in the world. In hotels and other public places I just flip the VPN on and move on with life. No extensions other than uBlock of course, and no Android Apps needed for me.

Windows, by comparison is a complete and utter mess filled with holes, vulns and exploits numbering in the thousands and a consistent string of newly found ones popping up almost weekly. Windows itself is responsible for feeding an entire billion dollar industry for products that really shouldn't even be needed if it wasn't such a mess. If I didn't need to game, I wouldn't even own a Windows Box.

Speaking of which..
Internet Explorer vulnerability leaves users exposed
 

Vasudev

Level 27
Verified
So much for impenetrable Chrome OS. It all boils to the fact that malware infections happens due to user's stupidity. In a way, I was stupid to believe that and now I'm enabling my super beta Security eye which I use for Windows 10 to keep me protected.