With major browsers like Chrome and Firefox releasing frequent updates, hackers are taking advantage by creating fake browser updates to trick users into downloading malware. One group named TA569 has been using this technique for 5 years to spread malware.
These fake updates are very deceptive, abusing the trust people have in their browsers and websites. It’s very easy to fall victim to these fake pop-ups because they often appear on legitimate sites.
Let’s take a look at how these are deployed and what you can do to avoid becoming a victim.
How to Spot Fake Updates
The key fact is that major browsers like Chrome, Firefox, and Edge will never display pages saying your browser is outdated and requires immediate updating.
Check for updates manually in your browser's settings instead. Chrome uses colored icons to indicate available updates. Only update directly through the official toolbar icon.
Fake updates are likely to appear on websites that have been compromised by the hackers behind them. The attackers insert JavaScript code into the site to display a fake update pop-up. Once a user downloads the fake update, they allow malware to infect their computer.
Fake Chrome update. (Source: proofpoint.com)
Four Major Fake Update Campaigns Uncovered
Researchers at Proofpoint recently uncovered four major ongoing fake browser update campaigns infecting users with dangerous malware.
TA569 spreads SocGholish, while campaigns like Rogue Raticate and SmartApeSG deploy remote access Trojans to steal data. Another campaign, called ClearFake, uses info-stealing malware like Lumma and Raccoon v2 to commit fraud.
How to Avoid Fake Updates on Chrome
The most important thing you need to keep in mind is this: Chrome, or any browser for that matter, will never redirect you to a page that says you need to update it. As mentioned above, you should always manually check whether an update is available in the browser's settings instead of downloading anything through a pop-up.
Chrome browser usually updates automatically when you close it. If, however, you haven’t closed it in a long time, you’ll have to update it manually. Check your profile picture in the top-right corner to see how long it has been since the most recent update was released.
A bubble may appear next to it if you haven’t updated your browser. Here’s what the colors mean:
- Green – It’s been two days since the update was released.
- Orange – The update was released four days ago.
- Red – The update came out a week ago.
Keep Yourself Safe With an Antivirus
These fake update downloads are just one type of phishing attack. There are many other ways hackers can get you to install malware on your computer. We recommend using an antivirus like TotalAV to protect your system. It’ll actively scan all newly downloaded files.
Good antivirus software provides important protection against the malware in fake updates. With so much activity now through web browsers, hackers will keep exploiting fake updates to spread malware. Stay vigilant and use comprehensive security tools.