Trusted Reviews may earn an affiliate commission when you purchase through links on our site. Learn More

Cybercriminals have disguised malware as important Google Chrome security updates

Cybercriminals are disguising dangerous malware as important Google Chrome security updates – and they’re spreading it through news sites.

The malware was first spotted by analysts at antivirus company Doctor Web. According to Doctor Web, a number of websites that use the WordPress CMS platform have been hacked and embedded with some pretty dodgy JavaScript code.

Related: Best laptop

The code redirects visitors to a phishing site that feels eerily familiar to Google’s own Chrome update page.

“Now more simple, secure and faster than ever – with Google’s smarts built-in,” claim both the official security update and the fake one.

But, while the page claims to host an important security update for the popular internet browser, Doctor Web warns users not to download the update.

“The downloadable file is a malware installer that allows attackers to remotely access and control the infected computers,” Doctor Web’s report reads. “Over 2000 people have downloaded the fake update so far.”

The cybercrims reportedly managed to gain administrative access to a handful of websites to create an infection chain. Meaning that, rather than beef up your browser’s security, clicking ‘Download Update’ will instead load up a malware installer that could allow an attacker remote access to your computer.

Related: Best VPN

Google Chrome users from the UK, US, Canada, Australia, Turkey and Israel have reportedly been targeted by the criminal group.

The dodgy Chrome update has a digital signature that is identical to the fake NordVPN installer released by the same cybercriminal group in the past. The same group has also been found responsible for spreading a fake version of the VSDC video editor through the company’s official website as well as through the CNET software platform.

If a Chrome update pops up after you visit a blog or news site, you’ll probably want to think twice and make sure everything is legitimate before clicking the download button.

Unlike other sites, we thoroughly review everything we recommend, using industry standard tests to evaluate products. We’ll always tell you what we find. We may get a commission if you buy via our price links. Tell us what you think – email the Editor