Security News > 2023 > April > Hacked sites caught spreading malware via fake Chrome updates

Hacked sites caught spreading malware via fake Chrome updates
2023-04-11 20:14

Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors that distribute malware to unaware visitors.

BleepingComputer has found numerous sites hacked in this malware distribution campaign, including adult sites, blogs, news sites, and online stores.

If a targeted visitor browses the site, the scripts will display a fake Google Chrome error screen stating that an automatic update that is required to continue browsing the site failed to install.

"An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update," reads the fake Chrome error message.

This hinders updates and threat detection and may even disable an AV altogether.

As always, never install security updates for installed software at third-party sites, and only install them from the software's developers or via automatic updates built into the program.


News URL

https://www.bleepingcomputer.com/news/security/hacked-sites-caught-spreading-malware-via-fake-chrome-updates/