Warning: Fake Google Chrome update contains malware
Ransomware is a type of malicious software (malware) that encrypts all data on a computer or mobile device and blocks the owner’s access to this data. When this infection occurs, the victim receives a message with instructions on how to pay the ransom (usually in bitcoins).
According to Aetna from Isna, the extortion process often includes a time limit for payment and the payment of the fine must give the victim the decryption key, but there is no guarantee that this will happen. There are two common types of ransomware; Encryption ransomware that includes advanced encryption algorithms. This program is for blocking system files and demanding ransom, and for the victim to access them, there is a key that can decrypt the blocked content.
Ransomware has some key features that set it apart from other malware, and one of its features is unbreakable encryption, which means you can’t decrypt the files yourself, but ransomware can take all types of files, from documents to images, audio files, and more. which may be on the computer.
In this regard, security researchers have warned about a new fake Chrome browser update campaign that uses a new malware called FakeUpdateR to trick users into downloading a remote access Trojan. The campaign came to light after the malware had already affected several websites, which were later noticed by Google.
According to Sucuri researchers, the malware affects both WordPress sites and CMS platforms by rewriting the original index.php file to replace website content with a malicious wrapper; In some cases, the malware was injected into the index.html files under the wp-content folder.
Also, some of these infected websites contained JavaScript code that is used to communicate with the Telegram channel, and the attackers will use Telegram to manage notifications.
Recently, Sekioa researchers observed a similar campaign that used the new ClearFake malware. The strategies and methods used in the campaign were similar to those of the SocGholish and FakeSG campaigns, mainly revolving around the use of social engineering methods and tricking users into installing fake web browser updates.
Investigations show that the recent attack was based on tricking users into downloading fake and infected versions of Google’s Chrome browser, but according to its previous records, there is a possibility that similar tools are also infected.
The emergence of a new fake malware Google Chrome update is a reminder that upgrading browsers using standard procedures is of great importance, so the experts of the Computer Incident Management Center (Maher) advise users to regularly update the extensions and themes. monitor usage on their sites; It is also important to regularly back up websites and properly implement firewall configurations to prevent malware attacks such as FakeUpdateRU.