Fake software updates are one of cyber criminals' favorite tactics to trick users into downloading malware.
Today, these attacks increasingly target browsers.
Because Google Chrome and Microsoft Edge are updated frequently, many users do not think to verify the authenticity of a notification offering to update their browser.
Together, Edge and Chrome represent more than 84% of the PC browser market.
According to a new blog post from Malwarebytes, a recently discovered Magnitude exploit kit update tricks users into installing a fake Microsoft Edge and Chrome browser update.
Windows does not detect the problem
Magnitude is regularly updated with new attacks.
This new fake update seems to have been added in the last few weeks.
In the past, Magnitude has made extensive use of vulnerabilities in Flash and Internet Explorer.
Specifically, analysts from the AhnLab Security Emergency Response Center (ASEC) explain that the malware spreads inside an .appx update file, a format released with Windows 8 and still used by Windows 10 and Windows 11.
The file in question is called edge_update.appx or chrome_update.appx.
The attack is triggered when a user uses Microsoft Edge or Google Chrome.
The browser tells the user that a "manual update" is needed.
To launch this fake update, the victim just needs to click on a button on the page.
The operation only takes a few seconds and Windows lets the update take place, without detecting the slightest problem.
No need for manual Chrome and Edge updates
The supposed update is actually a malicious Windows Application Package (.appx) file.
The file, named edge_update.appx or chrome_update.appx, initiates the download of Magniber ransomware which encrypts user files.
In other words, the malware does not steal its victim's data, but simply makes it inaccessible.
The victim can regain access to the files in exchange for a ransom.
As a reminder, the .appx update file corresponds to a format released under Windows 8 and still used by Windows 10 and Windows 11. Here, the .appx file is signed with a valid certificate.
Windows therefore considers it genuine and launches its installation without verification.
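Because the signature alone does not settle whether the package is legitimate, a responder triaging a downloaded .appx can look at its file name and at the identity declared in its manifest. The Python below is an added example, not code from Malwarebytes, ASEC or this article; it relies on the fact that an .appx is a ZIP container holding AppxManifest.xml and AppxSignature.p7x. The function names, the 1 MiB manifest limit and every value in the sample package are assumptions constructed for illustration.

```python
import io
import xml.etree.ElementTree as ET
import zipfile
from pathlib import PureWindowsPath

# File names the article reports for the fake browser updates.
LURE_NAMES = {"edge_update.appx", "chrome_update.appx"}
MAX_MANIFEST = 1 << 20  # refuse manifests over 1 MiB (assumed triage limit)


def triage_appx(path, data):
    """Triage one .appx (a ZIP container) from its path and raw bytes."""
    name = PureWindowsPath(path).name
    report = {"file": name, "lure_name": name.lower() in LURE_NAMES,
              "signed": False, "identity": None, "notes": []}
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as pkg:
            members = set(pkg.namelist())
            # AppxSignature.p7x carries the package signature. Its presence
            # is not a verdict: the sample in the article was validly signed.
            report["signed"] = "AppxSignature.p7x" in members
            if "AppxManifest.xml" not in members:
                report["notes"].append("no AppxManifest.xml")
                return report
            if pkg.getinfo("AppxManifest.xml").file_size > MAX_MANIFEST:
                report["notes"].append("manifest too large")
                return report
            root = ET.fromstring(pkg.read("AppxManifest.xml"))
    except (zipfile.BadZipFile, ET.ParseError) as exc:
        report["notes"].append("unparseable: " + type(exc).__name__)
        return report
    # Match <Identity> in any manifest namespace (Windows 8 or Windows 10+).
    ident = next((e for e in root.iter()
                  if e.tag.rsplit("}", 1)[-1] == "Identity"), None)
    if ident is not None:
        report["identity"] = {k: ident.get(k)
                              for k in ("Name", "Publisher", "Version")}
    return report


def constructed_sample():
    """Build a tiny constructed package in memory (all values are made up)."""
    manifest = ('<Package xmlns="http://schemas.microsoft.com/appx/manifest/'
                'foundation/windows10"><Identity Name="Example.Updater" '
                'Publisher="CN=Example Publisher" Version="1.0.0.0"/></Package>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AppxManifest.xml", manifest)
        z.writestr("AppxSignature.p7x", b"constructed placeholder")
    return buf.getvalue()
```

A package whose name matches the lure and whose declared Publisher is not the browser vendor deserves escalation even when `signed` is true.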
It is possible to check which version of Edge is installed and whether updates are available.
To do this, simply open Edge, select "Settings and others", then "Settings".
The user should then scroll down the page and select "About Microsoft Edge".
Finally, you should know that both Chrome and Edge browsers update automatically.
There is therefore no need to manually download an update.