Cyber experts have issued a warning about sophisticated new malware that mimics Google Chrome and Microsoft applications, potentially leading to financial theft from device owners. Online protection company Proofpoint has detected an ongoing malicious campaign involving cybercriminals utilizing new and creative attack methods. The malware poses as fake updates for internet browsers like Chrome and imitates programs such as Microsoft Word to trick users into downloading harmful code.
Once the code is downloaded, the malware gains access to sensitive information and files, including cryptocurrency. Victims may fall prey to simulated update messages in Chrome, instructing them to copy and paste code into Microsoft PowerShell, resulting in financial losses to the perpetrators. Another method involves email baiting, where emails appearing work-related contain HTML files resembling Microsoft Word with fake error messages.
Proofpoint identified a widespread attack involving over 100,000 messages targeting various organizations worldwide. The malware also impersonated Microsoft’s OneDrive cloud storage service, utilizing fake error messages to deceive users into taking quick action without considering the risks. While the attack requires significant user interaction to be successful, users are advised to remain vigilant and avoid downloading suspicious content.
It is important to note that legitimate programs like Chrome and Word will never require users to manually enter code into another application for basic functions. By staying cautious and refraining from downloading unauthorized content, users can protect themselves from falling victim to such cyber threats.
Article Source
https://nypost.com/2024/06/19/lifestyle/cyber-experts-warn-of-new-chrome-microsoft-money-stealing-malware/
