In November alone, Chrome 23 was released, Firefox 17 launched, and an IE10 preview for Windows 7 arrived on the scene. Cybercriminals have decided to take advantage of these updates by pushing popups with warnings of fake browser updates in order to push malware.
A new securebrowserupdate.com domain popped up on November 16, and while it’s dead now, others are sure to spring up soon, if they haven’t already. A script on the site detects which browser you’re running, and then offers “new versions” of your browser with “service packs” and “Antivirus protection,” both which of course don’t exist for browsers.
F**k it, we'll do it live!
Our biggest ever edition of TNW Conference is fast approaching! Join 10,000 tech leaders this May in Amsterdam.
The warning is the same for all of them: “Attention! Your browser is out of date, some of extensions may interfere your work!” Users are told that their current browser version is out of date and that they are invited to install the latest update, which is of course malware.
Here’s how the Chrome one looks, courtesy of StopMalvertising:
Here’s how the Firefox one looks (it changes accordingly if you’re running an older version):
Here’s how the IE9 one looks (yes, despite the release of IE10):
Out of all of these, the iPhone one takes the cake:
While the iPhone scam is clearly the least likely to work, analysis of the script in question shows that this isn’t just a desktop attack. The script in question shows mobile users may be at risk of premium rate SMS messages if they visit the site, according to Russian strings in the code.
In all cases, victims are redirected to the fake browser update domain via advertising on other sites. If you are browsing the Web and suddenly get a popup or ad to update your browser, don’t click it. Furthermore, make sure you’re running a solid security solution if you aren’t already.
Image Credit: Jim O’Connor