CATEGORIES
home News

Microsoft Kills Malicious Ad Promoting Fake Google Chrome Downloads Within Edge Browser

by Brandon HillMonday, October 29, 2018, 10:59 AM EDT
Chrome
Last week, Microsoft unwittingly provided a gateway to malicious content via Bing ads within the Microsoft Edge web browser. A malicious ad was being served that was promoting a fake version of the Google Chrome download site.

What makes this particular incident so dangerous with the potential to affect millions of people is the fact that one of the first things that many people do when setting up a new computer is to fire up Microsoft Edge (usually for the first and last time) to download Google Chrome or another browser. Google Chrome is by far the most popular browser in the world, and Microsoft Edge has been relegated to also-ran status.

In this case, using the search term "Download Chrome" was enough to cause the ad to pop up in the Bing search results. Usually when a user enters that search term, a “real” Google ad is presented that will redirect to the official Google website where you can download the Chrome web browser. However, this malicious ad redirected users to a site that was setup to mimic the Google website.

After clicking on the link, the key tipoff that this the site wasn't legit was that the URL was www.googleonline2018.com/chrome/. The website even had a blue button where you could "Download Chrome" after which a file called ChromeSetup is downloaded from tasetofini.com (another big red flag).

Gabriel Landau, who first brought attention to the issue, posted a video (seen above) in which he walks through the steps of downloading the malicious file. In a tweet, he asked the Bing Team "Why is this still happening in 2018?".

Bing Ads responded with the following statement:

Protecting customers from malicious content is a top priority and we have removed the ads from Bing and banned the associated  account. We encourage users to continue to report this type of content  at https://bit.ly/2PZWZ1u  so we can take appropriate action.

Needless to say, Microsoft has since taken action by removing the offending ad, but Landau asked some excellent follow-up question that we too are wondering. "Did you discover how the ad was listed as http://www.google.com ?  Have any changes been made to prevent this type of attack from happening again in the future?"

Tags:  Microsoft, Bing, (nasdaq:msft), (nasdaq:goog), google chrome, microsoft edge
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment