Cybercriminals have disguised malware as important Google Chrome security updates
Cybercriminals are disguising dangerous malware as important Google Chrome security updates – and they’re spreading it through news sites.
The malware was first spotted by analysts at antivirus company Doctor Web. According to Doctor Web, a number of websites that use the WordPress CMS platform have been hacked and embedded with some pretty dodgy JavaScript code.
Related: Best laptop
The code redirects visitors to a phishing site that feels eerily familiar to Google’s own Chrome update page.
“Now more simple, secure and faster than ever – with Google’s smarts built-in,” claim both the official security update and the fake one.
But, while the page claims to host an important security update for the popular internet browser, Doctor Web warns users not to download the update.
“The downloadable file is a malware installer that allows attackers to remotely access and control the infected computers,” Doctor Web’s report reads. “Over 2000 people have downloaded the fake update so far.”
The cybercrims reportedly managed to gain administrative access to a handful of websites to create an infection chain. Meaning that, rather than beef up your browser’s security, clicking ‘Download Update’ will instead load up a malware installer that could allow an attacker remote access to your computer.
Related: Best VPN
Google Chrome users from the UK, US, Canada, Australia, Turkey and Israel have reportedly been targeted by the criminal group.
The dodgy Chrome update has a digital signature that is identical to the fake NordVPN installer released by the same cybercriminal group in the past. The same group has also been found responsible for spreading a fake version of the VSDC video editor through the company’s official website as well as through the CNET software platform.
If a Chrome update pops up after you visit a blog or news site, you’ll probably want to think twice and make sure everything is legitimate before clicking the download button.