Edit: I should have said "Chromium", not Chrome. They are repackages of Chromium, usually with functionality to send browsing activity to a third party.
"Wave Browser" is the common one that comes to mind immediately. I have several flagged in the "endpoint security" software I support, though.
The workflow is: (1) User wants some software functionality they don't have, (2) they search-engine using keywords like "convert Word to PDF", (3) they find a program that promises to do the thing they want, (4) they download it and click thru any warnings because they "want the thing", and (5) they end up with persistent per-user malware installed in their "AppData" folder.
It cannot. There are malicious third parties who have made distributions of Chromium that are fully functional browsers, installing in the user's AppData folder w/o Administrator rights, that have additional "functionality" like exfiltrating browsing history or displaying extra t
This is really what any Electron-based app is. It's just Chromium running out of the AppData folder. There's a whole ecosystem of "shadow IT" software that installs out of the AppData folder, meant to end-run IT and central control, that functions great w/o Administrator rights.
I thought that was a pretty common pattern now for a variety of software tools. Was pretty sure that Chrome + Firefox did not need administrator privileges to be available to a user.
"Wave Browser" is the common one that comes to mind immediately. I have several flagged in the "endpoint security" software I support, though.
The workflow is: (1) User wants some software functionality they don't have, (2) they search-engine using keywords like "convert Word to PDF", (3) they find a program that promises to do the thing they want, (4) they download it and click thru any warnings because they "want the thing", and (5) they end up with persistent per-user malware installed in their "AppData" folder.