Google Chrome is Abused to Deliver Malware as ‘Legit’ Win 10 App
Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that cleverly bypasses a Windows cybersecurity protection called User Account Control (UAC).
Iwamaye wrote in a blog post published Thursday that the attack chain is initiated when a Chrome browser user visits a malicious website and a "Browser ad service" prompts the user to take an action.
Attackers are using a compromised website specially crafted to exploit a version of the Chrome browser to deliver the malicious payload, researchers found.
Once notifications were permitted, the browser user was alerted that their Chrome web browser needed to be updated.
The malicious Chrome browser update linked to a Windows application package called an MSIX-type file.
"The malware we summarized in this blog post has several tricks up its sleeve. Its delivery mechanism via an ad service as a Windows application, Windows application installation path, and UAC bypass technique by manipulation of an environment variable and native scheduled task can go undetected by various security solutions or even by a seasoned SOC analyst," Iwamaye wrote.
News URL
https://threatpost.com/chrome-deliver-malware-as-legit-win-10-app/175884/