Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Cyber-thieves Distributing Fake Chrome Updates Following Google’s Own Authentic Release

Google has just released its Chrome browser's upgrade that opened opportunity to cyber-criminals for creating fake updates which they're tricking end-users to install in anticipation of filching their Internet-banking credentials, cautions GFI Software, the security company.

Reportedly, on 11th January 2013 Google's recent update became available as it plugged 24 security loopholes of the browser software. The normal time by when Google revises Chrome is 6-8 weeks and this is sufficient time for cyber-crooks to get end-users ensnared.

Incidentally, imitating the identical ruses employed previously, cyber-crooks have laid the traps on online sites that pretend to be from Google. The update notification takes onto certain website, which utilizes the legitimate font of Google, as also exhibits 'Chrome's' logo. These more-or-less convince site visitors for downloading one .exe file named "Update-Google-Chrome" that apparently indicates it's to ensure the user is safeguarded via the web-browser's most recent update, reports GFI.

In practice, when consumers surf with Google they somewhat get saved via the Internet giant itself. But, suppose any unwitting consumer attempts at taking down the "update" while surfing through Chrome, Google would show an alert suggesting the executable maybe harmful.

Effectively, Security Researcher Chris Boyd at GFI Software observed that a website named Malwr.com listed the executable file. That website mentioned efforts for getting Password Manager of Firefox from local database. Thereafter VirusTotal's (non-chargeable malware scanner) comment section too showed the file as listed suggesting it could filch banking credentials, Boyd explained. Infosecurity-magazine.com published this dated January 11, 2013.

Boyd explained that the during the second listing, the file seemingly had association with the ZeuS banker Trojan for, a Domain Name System query the malware issued was to one website that was associated with BlackHole/ZBot assaults.

GFI said that the malware was Trojan.Win32.Cleaman.aj (v).

And like all malware the above-mentioned one too was undesirable therefore Chrome-users interested in updates must surely go through the information within Chrome's associate page, advised Researcher Boyd. Gfi.com published this dated January 11, 2013.

Meanwhile, as fake upgrades didn't necessarily emerge after every Chrome revision, criminals might lay more traps during days ahead, GFI Software concluded.

Related article: Cyber Attackers Move To Abandoned Sites

» SPAMfighter News - 1/24/2013

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page