Bogus "browser update" pages deliver malware
Posted on 30.01.2012
Fake "browser update" pages are currently being used to deliver malware and redirect users to survey pages, warns GFI.

Their malware researchers have recently discovered a number of website hosting these pages, which contain a warning about the users' browser being out of date, a Firefox or Chrome logo to reassure the potential victims and the fake "system scan" progress bar that is often used by fake AV pushers:


The pages - located at vkernel(dot)org, aveonix(dot)org, smolvell(dot)org, stocknick(dot)org - are not able to detect what browser the users use and serve either a Firefox or Chrome themed fake update warning.

Once the progress bar finishes loading, Firefox users are asked to download a malicious file named update.exe, while Safari automatically downloads the file.

"Running this executable allows the download and installation of a program called Driver, which creates a folder named Driver before dropping two files in it: uninstall.exe and app.exe," say the researchers. "When app.exe runs, an Internet browser window/tab opens in order to direct users to various survey pages. Based on multiple tests, minutes after the said pages load, this executable connects to various websites to download and install random programs, some of which may be legitimate."

Users are warned to be careful when being presented similar pages. The aforementioned four are still online, but there might be others. In any case, it's always best to update your browser by using the updating mechanism it contains.






Spotlight

Using Hollywood to improve your security program

Posted on 29 July 2014.  |  Tripwire CTO Dwayne Melancon spends a lot of time on airplanes, and ends up watching a lot of movies. Some of his favorite movies are adventures, spy stuff, and cunning heist movies. A lot of these movies provide great lessons that we can apply to information security.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //