SecurityTube

Attackers Using Fake Chrome Updates to Lure Victims

JB

Google patched nearly two dozen security vulnerabilities in Chrome on Thursday and a day later attackers have begun circulating fake Google Chrome updates that actually are part of a scam related to the Zeus botnet and is designed to steal online banking credentials, among other things.

Attackers have been using fake Chrome updates to lure victims for several months now, and the most recent scheme uses a similar approach as the past ones and also uses related files. Researchers at GFI Labs discovered a renewed wave of attempts by attackers to trick users into downloading and installing a file that purports to be a Google Chrome update, but is in fact mostly interested in snagging sensitive data, such as banking credentials, from victims.