Hackers' strategy to get users to download a dangerous 'Google Chrome update'
Researchers at the Russian Doctor Web virus lab have issued a warning after thousands of victims were tricked into downloading dangerous backdoors disguised as Google Chrome updates.
Microsoft has confirmed unprecedented changes to Windows 10 updates, and WhatsApp users have been warned about an upgrade warning that doesn't seem to matter.
As reported by Kate O’Flaherty on March 19, Google has already stopped all upcoming Chrome releases to adjust the work schedule for developers affected by the COVID-19 epidemic.
Google has also decided to omit the next point release, which was the reason for Chrome 822.
However, Google has confirmed that it will "continue to prioritize any security updates."
Google Chrome users are now being warned about a threat that the security researchers who uncovered it have branded a "dangerous underworld".
It is disguised as a Chrome update.
Experienced hackers are behind the fake Google Chrome update
In a March 25 Doctor Web blog post, researchers warned that a supposedly trusted Google Chrome update download was being linked from multiple WordPress-powered sites that had been compromised by hackers.
The threat actors successfully compromised those sites, which include everything from news blogs to official corporate sites.
The campaign has a history: "the hacker group behind the attack was previously involved in spreading a fake installer of the popular VSDC video editor through its official website and CNET software platform," they said.
Once admin access to the sites is gained,
Sophisticated data stealer comes as part of this dangerous package
This is of course far from valid and is actually a malware installer file.
The file has been downloaded more than 2,000 times, according to Doctor Web researchers.
Once the file is executed, a TeamViewer remote control application is installed, along with password-protected archives containing files that the threat actors use to keep the malware out of reach of Windows antivirus protection.
Further malware payloads can then be delivered, including a keylogger and a sophisticated Russian-based data stealer.
Known as Predator the Thief, the stealer has been active for the past 18 months.
It is known to researchers for its use of anti-debugging and anti-analysis techniques to discourage identification and analysis.
The targeted victims are still people from the United States, Canada, Israel, Australia, Turkey and the United Kingdom, selected based on a combination of geolocation and browser detection.
According to Doctor Web, the downloaded files are digitally signed, and the signature can be linked to the hackers who recently distributed a fake NordVPN installer.
Mitigation advice for Google Chrome users
If you are a Google Chrome web browser user, keep in mind that Chrome was the first to include a feature to automatically update itself.
It will regularly check for any updates and they will be applied when you start the application.
From the "three dots" dropdown menu at the top right of the browser, go to Help and then About Google Chrome to check that you have the latest version, which is 80.0.3987.149 as of March 26.
If, for whatever reason, you are not running the latest version, this will also kickstart the update process.
You will not be redirected to any web page where you are asked to download an update from Google.
To avoid being hacked, refrain from downloading apps from any source other than the Play Store.
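Because the fake updates described above are digitally signed, a "valid signature" result on its own proves nothing; what matters is who signed the file. The following PowerShell check is an added example, not code from Doctor Web or Google. The function name Test-InstallerPublisher and the expected publisher name "Google LLC" are assumptions made for illustration.

```powershell
# Added example (not from the original article).
# Assumption: a genuine Chrome installer is Authenticode-signed by "Google LLC".
function Test-InstallerPublisher {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        [string]$ExpectedPublisher = 'Google LLC'   # assumed publisher name
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $cert = $sig.SignerCertificate

    # Common name (CN) of the signing certificate, or $null if the file is unsigned.
    $publisher = $null
    if ($cert) {
        $nameType  = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
        $publisher = $cert.GetNameInfo($nameType, $false)
    }

    # A signature that validates but names an unexpected publisher is still rejected.
    if ($sig.Status -ne 'Valid') {
        $verdict = 'REJECT: signature missing or invalid'
    } elseif ($publisher -ne $ExpectedPublisher) {
        $verdict = 'REJECT: validly signed, but by an unexpected publisher'
    } else {
        $verdict = 'OK: valid signature from the expected publisher'
    }

    [pscustomobject]@{
        File            = $Path
        SignatureStatus = $sig.Status
        Publisher       = $publisher
        Thumbprint      = if ($cert) { $cert.Thumbprint } else { $null }
        SHA256          = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        Verdict         = $verdict
    }
}

# Check every executable in the current user's Downloads folder.
Get-ChildItem -Path (Join-Path $env:USERPROFILE 'Downloads') -Filter *.exe -File |
    ForEach-Object { Test-InstallerPublisher -Path $_.FullName } |
    Format-List
```

The thumbprint and SHA256 values in the output can be compared against indicators published by a vendor when an installer is rejected.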
Stay safe.