Malicious Pop-Ups Promise Browser Updates But Spread Malware2:09 PM EST Wed. Nov. 28, 2012
Hackers are taking advantage of recent browser updates to trick users into downloading malware. Their malicious pop-ups appear to be genuine but redirect the user to websites where they download malware, rather than the browser update.
Internet Explorer, Firefox and Chrome have all issued recent browser updates, and users are advised to make sure that they only use downloads from trusted sources.
According to the website, stopmalvertising.com, the attack redirects users to a malicious site located at securebrowserupdate.com, leveraging a pop-up window that tells them that their respective browsers are out of date. To make the scam appear genuine, the software behind the pop-up window can typically determine which browser is in use at the time. A number of options are presented for update, but none of the identifiers match current versions of either browser.
In some circumstances, the software is believed to offer additional software, including AV packages and service packs, for download.
There is also evidence to suggest that users who access the sites using mobile devices are targeted for fraudulent SMS charges.
"The bad guys behind this threat made an effort to make this ruse appear legitimate," added Santos. "These pages ... were made to look like the browsers' official sites. To further convince users to download the fake update, the sites even offer an integrated antivirus protection."
According to Trend Micro's blog, France and the United States appear to be the most heavily targeted locations for the exploit.
PUBLISHED NOV. 28, 2012