Most of you are not surprised to hear that malware attacks can hit any browser, Internet Explorer is not necessarily weaker than other browsers in the security camp, they just get hit more often. So some reports are coming out that Google Chrome is now the malware authors browser of choice. In a series of malware screen attacks clever hackers are targeting Chrome users with “recommendations” about getting rid of malware.
Here is how it starts do a google search for Silverlight datagrid reorder columns. On the fifth page you’ll see a site hit. Click on it, and the problems start.
This dialog box pops up over the page and falsely suggests that the browser, Google Chrome, has found malware. If you click OK, it begins a fake scan.
Here is where the malware becomes viable. That red background and the big icon at the top are visually similar to actual security warnings that Google Chrome uses. The malware author has also inserted a reference to Google Chrome in this fake “scanning” screen.
Bad grammar might give it away…Meaning that this social-engineering attack is likely to fail with an English-speaking victim, who should be suspicious of the bad grammar. But a user whose primary language is something other than English might well be fooled.
For the last few months, warnings have been issued to users about new malware attacks. They’ve learned to be more suspicious and their browsing habits have changed. But so have malware authors. With this change malware authors are also adapting to the changing habits of PC users. There is no obvious message to the effect of ”press this link and a virus attack will start.” Instead you are likely to see something like “you’ve been infected, click here to remove the virus.” And if anything, the malware authors are more patient; anticipating that not every attack that they have will work, but if one in 10 work, that is still significant.