Malware Driven Google Chrome and Adobe Flash Updates Reportedly Making the Rounds

rated by 0 users
This post has 2 Replies | 0 Followers

Top 10 Contributor
Posts 26,687
Points 1,207,130
Joined: Sep 2007
News Posted: Sun, Oct 20 2013 10:51 AM
Malware writers are a tricky bunch, and if you're not suspicious of every little thing on the Internet, you could fall prey to one of their many tactics, like spoofing software updates. It's not really a new method, though apparently serving up fake updates for Google Chrome and a fake media player update that appears to come from Adobe are popular right now.

To make it look even more authentic, both updates are digitally signed by valid VeriSign code signing certificates, ZDNet reports. This isn't the first time malware writers have tapped VeriSign to appear legitimate, though it's not always the preferred method because it's expensive.

Fake Chrome Update

Sometimes there are telltale signs of malware. In this case, the Chrome logo in the fake update is slightly different from the real logo. As for the Adobe update, it doesn't actually say "Adobe" or contain the company's logo, it just uses an update GUI that looks very similar to the real thing. Installing it will serve up adware, whereas the spoofed Chrome update is identified as W32/Kryptik, which gathers details on the infected host's FTP servers.

"I have dedicated much of this write up on the ability of this malware to steal FTP info; I believe that this is what the malware was designed for," Zandro Iligan, senior antivirus analyst with FortiGuard Labs, explains in a blog post. "Few authors take the time to make their malware code as clean as possible. This specific malware is well thought out and very carefully coded."

ZDNet's Larry Seltzer said he stumbled upon both spoofed updates through a typo in the address bar.
  • | Post Points: 35
Top 500 Contributor
Posts 116
Points 810
Joined: Apr 2013

Well..only half at risk...I don't use chrome... :/

  • | Post Points: 5
Not Ranked
Posts 14
Points 145
Joined: Apr 2013

That's been going on for months. All people need to remember is that Chrome updates itself as does Flash. IMO malware only affects people who are either ignorant about their computers or those who just make really stupid decisions.

  • | Post Points: 5
Page 1 of 1 (3 items) | RSS