Fake Google Chrome update download could steal all your data


Businesses across the world have been targeted by a new cyber scam that impersonates Google Chrome update download pages.

Researchers at Proofpoint identified the malware campaign targeting organizations in Canada, France, Germany, Spain, Italy, the United Kingdom, and the United States, with thousands of messages sent around the world over the course of just a few weeks.

The messages told the victims they needed to upgrade to the latest version of the Google Chrome or Internet Explorer browser, but actually included links to websites compromised with malware.

Google Chrome malware

Proofpoint identified the campaign as being the work of prolific threat actor TA569, also known as SocGholish, as the messages included links to websites compromised with SocGholish HTML injects.

These injects are able to analyse the geolocation, operating system, and browser used by the recipient, and if deemed a suitable victim, look to convince them to click on a link in the email message.

Rather than the promised Google Chrome update, however, clicking on this link downloads one of several malicious payloads. Proofpoint's analysis spotted a banking Trojan (Chthonic) that was a variant of the notorious Zeus banking Trojan, as well as remote-control software (NetSupport) that can give hackers remote access to compromised systems.

The attack targeted a number of major businesses across multiple verticals, including education, state governments, manufacturing, and numerous others.

"While this technique isn’t new, it’s still effective because it exploits the intended recipient’s desire to practice good security hygiene," Proofpoint wrote in a blog post outlining the findings. 

"Keeping software updated is a common piece of security advice, and this actor uses that to their advantage. These campaigns illustrate that malware and threat actor tactics don’t have to be novel to find success, even in today’s rapidly changing threat landscape."

Mike Moore
Deputy Editor, TechRadar Pro
