Search This Blog

Malware served via Social Engineering attacks

A websites urges users to download a critical browser update leads to malware infection, targeting Users in United Kingdom.

Cyber Criminals use various type of Social Engineering attack to deliver malware.  One of them is Fake Browser updates.  Researchers at Symantec have come across a website that urge users to download a critical browser update.

The web page is capable of identifying the victim's browser.  Based on the type of browser they are using, they will be redirected to fake but convincing Chrome, Firefox, or Internet Explorer Web page.

The page also using a javascript to force the victim to give up and stay on the site - Asks users to click on the "Yes/No" option 100 times in order to close the browser.

This malicious page is served through ad networks and free movie streaming and media websites.  The domain used in the attack was registered on Dec. 30, 2013.  Researchers say they attacks appears to be targeting users in UK.

Users are alway advised to download update from the official website.  Symantec detects these pages as Trojan.Shylock.
Share it:

hacker news

Malware Report