Hackers hijack Arc browser Windows launch with malvertising campaign
Bad ads on Google are leading people to malicious sites
Hackers are taking advantage of the Windows launch of Arc browser to trick victims into downloading malware.
Arc is a relatively new internet browser, first launched for macOS in the summer of 2023 - and initial feedback from both media and the users was positive enough to prompt the release of a Windows version too.
However, at the same time, unidentified hackers were creating websites with typosquatted domains, seemingly identical to the browser’s actual website. They were also creating ads on Google which, due to certain problems the network has, displayed the legitimate website, but redirected people to the typosquatted one.
Spotting bad ads
This meant customers who wanted to install Arc on their Windows device, and had used Google to search for it, would find an ad in the very top of Google’s search results page.
The ad seemingly pointed to the site’s actual website, but led the victims to a malicious site which offered an infected version of the browser’s installer, hosted on MEGA, for download.
Anyone who downloaded this installer would get the browser, but also malware which, according to initial reports, seems to be an infostealer, although confirmation on the malware’s nature is still pending.
Hackers are always taking advantage of major events and product launches to try and trick people into giving away sensitive data, or downloading malware. Events such as the FIFA World Cup, Olympic Games, Chat-GPT launch, Windows 11 launch, and others, have all been abused in the past to deliver bad code to people.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The best way to protect against these attacks is to always type the website address into the browser, instead of “just googling” it. If you don’t know the site, be mindful of the search engine results, and always double-check the characters in the address bar before downloading anything.
Via BleepingComputer
More from TechRadar Pro
- Bad news for BitLocker users — its encryption can be cracked remarkable easily
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.