Long-standing malware scams often prey on unsuspecting internet users, and the old trick of prompting website visitors to update their browsers to view content has resurfaced.
The latest twist? The culprits now hide malicious files on an encrypted cryptocurrency blockchain, making their malicious intent harder to neutralize.
New scam called ClearFake causes compromised websites to push visitors a dangerous update
In August 2023, cyber sleuth Randy McEoin shed light on a scam called ClearFake. This mischief targets users via compromised WordPress sites, displaying a message urging them to update their browsers.
It’s eerily precise too. Chrome users, for example, see a Chrome-specific alert, a browser update warning across multiple devices with a tempting blue button in the center.But clicking on the “update” lures users into downloading malicious software designed to steal information.
Shifty cybercriminals evolving to deliver poisonous payloads to you
According to Guardio Labs, a reputable security firm in Tel Aviv, the ClearFake scam has evolved. Initially, the attackers stored their devious files on Cloudflare. However, when Cloudflare clamped down, these perpetrators shifted their operations to the Binance Smart Chain (BSC).
This platform supports decentralized apps and automated “smart contracts.” The worst thing is that these payloads of bad stuff leave no trace behind.
Nati Tal, Guardio Labs’ security chief, explained that these bad actors exploit BSC’s infrastructure, creating what are called malicious “contracts.” Once activated, these contracts are designed to deliver their harmful payloads.
“The strength of these contracts lies in their innovation and accessibility,” Tal stated. “Given the blockchain’s nature, hosting code becomes virtually untouchable, evading any takedown attempts.”
Both scams spread malware and can fool smart people
Guardio believes that the minds behind the BSC malware and ClearFake are the same. Meanwhile, email security experts at Proofpoint have identified multiple groups using fake browser update schemes to spread malware.
Proofpoint further observes that such methods persist because they’re effective. They exploit users’ safety training by posing as trusted sites. Dusty Miller of Proofpoint comments, “Users are conditioned to trust updates from known sources. These scams manipulate that trust, making users believe they’re on a legitimate site, urging a browser update.”
What you need to do next to protect yourself
Always stay vigilant online! By far, the single best thing you can do for yourself and those you love is to make yourself resilient against attacks like these in the first place. Invest in strong antivirus protection on all of your devices and keep all operation software updated at all times.
The best way to protect yourself is to have antivirus protection installed on all your devices. Strong antivirus software actively running on your devices will alert you of any malware in your system, warn you against clicking on any malicious links in phishing emails, and ultimately protect you from being hacked.
Kurt’s key takeaways
These scams are designed to trick you into downloading malware that can damage your devices and expose your personal information. Don’t fall for any browser update alerts that pop up on suspicious websites. They could be hiding malicious files that can infect your system. Always check for updates on the official browser websites and protect yourself with strong antivirus protection.
What steps have you taken to protect yourself from malware? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Answers to the most asked CyberGuy questions:
Copyright 2023 CyberGuy.com. All rights reserved.