Malware spread through fake Chrome updates and error pages targets users.
TL;DR Summary
Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors that distribute malware to unaware visitors. The malware contains a Monero miner that utilizes the device's CPU resources to mine cryptocurrency for the threat actors. The campaign has been underway since November 2022 and has expanded its targeting scope to cover users who speak Japanese, Korean, and Spanish. The recent inclusion of additional languages may indicate that the threat actors plan to expand their targeting scope.
- Hacked sites caught spreading malware via fake Chrome updates BleepingComputer
- Hackers have been spreading malware via fake Chrome updates TechRadar
- Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages The Hacker News
- Threat research: CryptoClippy, Rorschach, and Winter Vivern. Device vulnerabilities. Proxyjacking. The CyberWire
- Fake Google Chrome error pages used to target users: Report The Hindu
Reading Insights
Total Reads
0
Unique Readers
0
Time Saved
2 min
vs 3 min read
Condensed
82%
454 → 81 words
Want the full story? Read the original article
Read on BleepingComputer