Fake “Critical browser update” warnings lead to malware
If you have manually updated your browser in the last week or so, think back on how you did it. Did you look for the update yourself, or did you download one after being faced with a warning saying you should pick up a “critical update”?
If it’s the latter, and if you are living in the UK, chances are you fell for the latest malware delivery campaign that was started just before New Year’s Eve.
You probably visited a free movie streaming or media site, and a malicious ad redirected you to another website.
“The website, which is hosted in the Ukraine, uses a dual hybrid Web server setup by Apache and Nginx, with the latter identifying the victim’s browser and performing a redirect,” Symantec researchers explained in a recent blog post.
On the site where you ended up, you were shown a warning that used a template matching your browser type, and you were offered the update for download. Had you refused, a JavaScript loop would have kept you on the site by making it impossible to close your browser unless you performed an extensive series of repetitive clicks.
If you have downloaded and run the update, you should know that your computer has likely been infected with the information-stealing Shylock Trojan, and you should use an AV solution to disinfect your machine.
It’s good to start your year with a clean computer and updated software, but you should know and remember that the only right place to pick up a software update is its developer’s official website.