Keeping the browser up to date is one of the most important things in terms of security, in the same way as keeping the rest of the applications or the operating system updated. In Google Chrome, just open Help> Google Chrome Information and check if the message “Google Chrome is up to date” or the button to update to the latest version appears. In this case, the last one is version 84.0.4147.89 (Official Build) (64 bit).
Update from the browser and avoid the manual
Updating from the browser itself is so simple and safe that we do not understand that there are people who do it manually, either by downloading the executable or otherwise. In this case, Proofpoint researchers have identified a malware campaign against targets in Canada, France, Germany, Italy, Spain, United Kingdom and the United States, with dozens of messages sent in recent weeks.
In these messages, victims are warned that they had to update to the latest version of Google Chrome or Internet Explorer browsers, but in reality offered links to websites compromised with malware. This campaign has been launched by TA569, also know as SocGholish, a well-known actor of this type of scams on the Internet.
The malicious websites They were constructed in such a way that they were able to analyze the victim’s geolocation, operating system, browser, and other data to see if they were a potential victim. If so, you would be persuaded to download the malware-ridden browser update.
Actually, clicking on the download link downloaded a series of viruses and Trojans to your computer, among which we found the banking Trojan Chthonic together with remote control software NetSupport so that hackers could take control of the equipment without problems.
The campaign has been addressed to numerous organizations, private companies, government entities and many other actors. The best way to protect ourselves is to always download updates from the official Web or directly from the tools integrated in the applications themselves.