In order to reach the widest possible audience, hackers take advantage of the popularity of certain programs to try to deceive users and, as on this occasion, fill their computers with viruses. A new malware distribution campaign takes advantage of none other than Google Chrome, the browser used by the majority of Internet users. And, furthermore, it is capable of filling your computer with viruses with just one click.
This new malware distribution campaign has been detected and reported by NTTSecurity, who became aware of it last February of this year. To trick users, hackers display a false error message when updating the browser, along with a message inviting them to download and manually install a patch to fix this problem.
The message, which appears in English, is very successful, since it uses a typography and a design equal to the browser errors. If you pay attention to it, you will download a ZIP file, inside which there is an .EXE file, the malware in question. Among other threats, this executable is responsible for installing a mining viruswhich will use your PC’s CPU and resources to generate cryptocurrencies, especially Monero.
In addition to infecting your computer with malware, this virus:
- It creates a copy of itself, called “updater.exe” inside Program Files / Google / Chrome.
- It starts a legitimate conhost.exe process, and injects itself into it so as not to attract the attention of antiviruses.
- It has persistence within the task manager and the registry.
- It is automatically excluded from Windows Defender so as not to be detected.
- Forcefully ends Windows Update processes.
- Modify the Hosts file to not connect to antivirus websites.
What to do with the fake Google Chrome update
This error message can appear at any time, since hackers are taking advantage of advertising campaigns to appear even on legitimate and trustworthy websites. However, while it may appear legitimate, it is actually easy to identify, and also to avoid.
The first thing you have to do is, if you come across this message, ignore it completely. As long as you don’t download any file, and open it on your computer, you won’t be in danger. If you have downloaded a file, and you have suspicions, the ideal is Scan those files with the antivirus that you have installed on your computer in order to detect and remove the threat.
And finally, it is important to remember that, to update Google Chrome, you always have to do it from the “Help > Google Chrome Information” section. The browser will search for new versions, or patches, and safely download and install them by itself. In this way you will not take unnecessary risks or expose your PC to hackers.
Remember that you can also manually install the latest Google Chrome on your computer. Perfect in case automatic updates give you some kind of problem.
