MALWARE WARNING: Malware Scam Targets Google Chrome Users Using 'Font Update' Technique
Researchers have found another malware campaign that specifically targets Google Chrome users on Windows PCs. The malware attempts to trick users into downloading a font update package for supposedly corrupted fonts. The campaign uses the infamous EITest chain, which has been used with multiple exploit kits leading to identity theft, ransomware, and other kinds of attacks. This time, however, it is being used in more targeted attacks rather than with exploit kits.
According to a Fox News report citing research by the security firm Proofpoint, the attackers break into poorly secured sites and embed JavaScript that waits for Chrome browsers arriving at the sites via search engines. When it finds such a visitor's browser, code is injected into the page to show an alert, which makes the page content unreadable. Since the "X" does not close this alert, users will probably click the "Update" button. This lets the malware download and install a file that purports to be a font file.
WCCFtech stated that "Chrome_Font.exe" is a kind of ad-fraud adware known as Fleercivet, a name given by Microsoft. This malware is loaded with hidden ads; although this kind of adware is not terribly dangerous, the criminal group behind this scheme has unleashed far worse things previously. Once the computer is infected, it will begin browsing in the background on its own.
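The chain described above (Chrome on Windows, arrival from a search engine, then a download named like "Chrome_Font.exe") can be turned into a proxy-log correlation rule. This is an added example, not code from Proofpoint or the article; the record layout, the search-engine list, the five-minute window, and all hosts and log entries are constructed assumptions.

```python
from datetime import datetime, timedelta
from urllib.parse import urlparse

SEARCH_ENGINES = ("google.", "bing.", "yahoo.")  # assumed referrer list
WINDOW = timedelta(minutes=5)                    # assumed correlation window
CHROME_WIN = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36")
FIREFOX_WIN = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:51.0) Gecko/20100101 Firefox/51.0"
SEARCH_REF = "https://www.google.com/search?q=recipes"

# Constructed, time-ordered records: (time, client, url, referrer, user agent)
SAMPLE = [
    ("2017-02-20T10:00:01", "10.0.0.5", "http://blog.example/post", SEARCH_REF, CHROME_WIN),
    ("2017-02-20T10:00:40", "10.0.0.5", "http://files.example/dl/Chrome_Font.exe",
     "http://blog.example/post", CHROME_WIN),
    ("2017-02-20T10:05:00", "10.0.0.9", "http://blog.example/post", SEARCH_REF, FIREFOX_WIN),
    ("2017-02-20T10:05:30", "10.0.0.9", "http://tools.example/fontpack.exe", "", FIREFOX_WIN),
    ("2017-02-20T11:00:00", "10.0.0.7", "http://vendor.example/font_manager.exe", "", CHROME_WIN),
]

def is_chrome_on_windows(ua):
    # Edge and Opera also carry "Chrome/" in their user agents, so exclude them.
    return "Windows NT" in ua and "Chrome/" in ua and "Edge/" not in ua and "OPR/" not in ua

def from_search(referrer):
    host = urlparse(referrer).hostname or ""
    return any(host.startswith(s) or "." + s in host for s in SEARCH_ENGINES)

def is_font_exe(url):
    name = urlparse(url).path.rsplit("/", 1)[-1].lower()
    return name.endswith(".exe") and "font" in name

def find_fake_font_downloads(records):
    """Flag font-named .exe downloads that follow a search-referred page view."""
    landings, hits = {}, []
    for ts, client, url, referrer, ua in records:
        when = datetime.fromisoformat(ts)
        if not is_chrome_on_windows(ua):
            continue  # the campaign only acts on Chrome on Windows
        if from_search(referrer):
            landings[client] = (when, url)  # remember the landing page
        elif is_font_exe(url) and client in landings:
            landed_at, page = landings[client]
            if when - landed_at <= WINDOW:
                hits.append((client, page, url))
    return hits

if __name__ == "__main__":
    for hit in find_fake_font_downloads(SAMPLE):
        print("suspicious font download:", hit)
```

Each hit also names the landing page, which points to the compromised site that needs cleaning.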
The EITest infection chain used in this latest Chrome malware campaign has already been used to compromise a large number of websites, using known vulnerabilities in WordPress or Joomla. It works by taking small amounts of traffic from these sites and redirecting them to a malicious payload. The EITest campaign first appeared in 2014, and the final payload has varied greatly, implying that the EITest group has rented its traffic source to numerous cyber-criminal operations.
For much of its lifespan, the EITest group has rented traffic to exploit kit operators, who used Flash, Silverlight, IE, and other vulnerable software to install malware on users' devices automatically, without the users knowing that anything was wrong.