Watch out - that Google Chrome error message might actually be some devious malware
A new twist on an old popup scheme is making the rounds
If you get an error message while surfing the internet, be careful - it might be a trick to get you to download malware.
That's the warning from cybersecurity researchers at Proofpoint, who recently observed multiple threat actor groups using the same tactics to deploy different malware variants.
According to the researchers, the attackers either compromise an existing website or create a new one themselves. When opened, the site displays an overlaid error message stating that there is a problem with viewing its contents.
Fake popup ad
The problem, the message further explains, is due to a malfunctioning update. Users are then told that in order to fix the bug, and view the website, they should install the latest update which is, conveniently enough, supplied straight in the error message.
"Although the attack chain requires significant user interaction to be successful, the social engineering is clever enough to present someone with what looks like a real problem and solution simultaneously, which may prompt a user to take action without considering the risk," Proofpoint's report said.
The "fake popup ad" method is hardly new, but this particular campaign, in which the attackers impersonate Chrome, was observed being used by three separate entities - ClearFake, ClickFix, and TA571.
The groups are using this method to drop different kinds of malware onto their victims' devices, including DarkGate, Matanbuchus, NetSupport, Amadey Loader, XMRig, a clipboard hijacker, and Lumma Stealer.
Some of these are quite popular in the underground community, such as DarkGate, Lumma Stealer, and XMRig.
The latter is a cryptocurrency miner that uses the device's entire computing power, as well as plenty of electricity, to "mine" Monero (XMR).
Monero is a known privacy-oriented coin that is notoriously difficult to track, and as such is the go-to currency for many criminals.
Via BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.