Cyber criminals are getting more creative these days with their new cyber techniques. The latest example is a new type of malware distribution campaign that has been specifically designed to target Google Chrome on Windows-based computers.
New Malware Targets Google Chrome
The new malware campaign, which said to target Google Chrome users, uses the infamous EITest infection chain, which has been previously associated with numerous exploit kit attacks leading to many cyber crimes, including identity stealers, ransomware and another type of malware attacks.
According to Proof Security, which has been tracking and studying ElTest since the malware's first discovery in the wild, EITest is a well-documented infection chain that generally relies on poorly secured websites to direct users to exploit kit landing web pages.
First spotted in 2014, EITest has been involved in the delivery of a variety of ransomware, information stealers, and other malware. The Google Chrome-targeted malware has seen significant changes and cleverness, switching to more targeted attacks instead on relying on traditional exploit kits for code injection
How The Google Chrome Malware Works
The new malware campaign involves some kind of bait-and-switch websites, targeting Google Chrome users. According to Kim Komando, the new malware target websites that have weak security settings.
This new malware used tricky web technique, involving malicious code insertion into poorly secured websites. Chances are big if the target user is using Google Chrome on Windows-based computers.
According to security researchers, the malware uses some sort of "web engineering technique" to fool users of downloading the malicious Google Chrome update. Users may first get infected if they tried to click on malicious search engine result pages.
The malicious code is said to make those websites unreadable. Here, users will see some kind of gibberish images, making the website impossible to read. Then, a fraudulent Google Chrome message came out on the screen, prompting that "The 'HoeflerText' font wasn't found and suggest that this is the reason why the user can't read the page. Finally, the malware asked the user to update the Google Chrome Font Pack.
Fortunately, experts have made some security measures o avoid this kind of threat. At this time, the best security defense is to know what to search for. Google Chrome users are also strongly advised not to download the Chrome Update. Users can also protect themselves from most unsecure websites through encrypting internet connection with a Chrome browser VPN extension.