Microsoft And Google Chrome Users Targeted By Sophisticated Malware Campaign

Cyber experts warn about a sophisticated malware mimicking Microsoft and Google Chrome to steal sensitive information.

Advertisement
Read Time: 2 mins
Over 100,000 messages have targeted thousands of organizations globally.

The risk landscape on the internet has grown more complex as hackers come up with new strategies to take advantage of users who are not careful. Many consumers fall victim to these malwares even if they use digital services with the highest possible standards.

Cyber experts warn that a new and sophisticated malware that looks like Microsoft and Google Chrome may be able to steal money from owners of Microsoft devices.

Online security company Proofpoint has been warning about a malicious campaign since March, observing that "cybercriminal threat actors are adopting new, varied, and increasingly creative attack chains."

Proofpoint discovered a further spread of the malware this month. It impersonates Microsoft Word and poses as a phoney update for web browsers like Chrome in an attempt to trick users into downloading a harmful set of files.

From there, the delayed, Trojan Horse-esque attack gets access to cryptocurrencies, sensitive files, and personal information.

According to Proofpoint, researchers first observed this technique with the ClearFake campaign in early April, and they have observed it used in every ClearFake campaign since then. ClearFake is a fake browser update activity cluster that compromises legitimate websites with malicious HTML and JavaScript.

Cybercriminals use fake Chrome update prompts and phishing emails to trick victims into running malicious code in PowerShell. This malware reroutes cryptocurrency transactions to the perpetrators. Phishing emails mimic work-related messages and contain deceptive HTML files, leading victims to execute harmful scripts in PowerShell.

Advertisement

As per Proofpoint, "the campaign included over 100,000 messages and targeted thousands of organisations globally."

In a similar fashion, Microsoft's cloud storage, OneDrive, was also mimicked for nefarious purposes.

"The social engineering in the fake error messages is clever and purports to be an authoritative notification coming from the operating system," Proofpoint noted.

"It also provides both the problem and a solution so that a viewer may take prompt action without pausing to consider the risk."

Featured Video Of The Day
AAP Announces Door-To-Door Registration Drive For 2 New Welfare Schemes
Topics mentioned in this article