Ransomware attack disguised as a fake browser update


FireEye, a California-based cybersecurity company, has discovered that hackers have launched a ransomware attack campaign disguised as a fake browser update.

According to the findings, the cyber crooks enter domain networks by leveraging compromised infrastructure to gain a foothold. They then establish themselves and deploy malware such as Dridex or NetSupport, which are multi-exploit frameworks used for credential harvesting, for deploying espionage tools that steal sensitive data, and for deploying ransomware variants such as BitPaymer or DoppelPaymer in enterprise networks.

Researchers from FireEye claim that victims are trapped as soon as they click on the fake update, which downloads a fraudulent JavaScript, HTML or ZIP file. The downloaded tool then collects information about the victim's PC and sends it to a control server, which in turn passes on malware to be installed on the machine.

The study claims that the only way to dodge such cyber threats is to be very careful when entering sensitive information such as passwords and other credentials into websites, and to check URLs for spelling discrepancies, such as special characters used in place of letters.
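The URL spelling check described above can be automated. The following Python sketch is an added example, not code from FireEye or from this article; the trusted-domain list, the digit substitution map and the sample URLs are assumptions constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumed allowlist (constructed for this example); use the sites your users rely on.
TRUSTED = {"google.com", "mozilla.org", "microsoft.com"}
# Constructed, non-exhaustive map of digits commonly used in place of letters.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def on_domain(host: str, domain: str) -> bool:
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


def skeleton(host: str) -> str:
    """Reduce a hostname to the plain-letter form a hurried reader would see."""
    labels = []
    for label in host.split("."):
        if label.startswith("xn--"):  # decode punycode to the displayed form
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed label: compare it as written
        labels.append(label)
    decomposed = unicodedata.normalize("NFKD", ".".join(labels))
    # Drop combining marks (á -> a), then undo digit-for-letter swaps.
    plain = "".join(c for c in decomposed if not unicodedata.combining(c))
    return plain.translate(LOOKALIKES)


def check_url(url: str) -> list[str]:
    """Return the reasons a URL's hostname looks suspicious (empty if none)."""
    host = (urlsplit(url).hostname or "").lower()
    findings = []
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode")
    if any(ord(c) > 127 for c in host):
        findings.append("non-ascii")
    if any(on_domain(host, t) for t in TRUSTED):
        return findings  # really on a trusted domain
    plain = skeleton(host)
    findings += [f"lookalike:{t}" for t in sorted(TRUSTED) if on_domain(plain, t)]
    return findings


if __name__ == "__main__":
    # Constructed sample URLs.
    for u in ("https://www.google.com/chrome/", "https://g00gle.com/update.zip"):
        print(u, check_url(u))
```

The check does not map letters from other alphabets onto Latin ones, so such hostnames are reported only as "punycode" or "non-ascii" and need a manual look.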

Also, online users should never click on ad banners that promise to speed up the PC or earn cryptocurrency, and should always keep their systems up to date with security updates and anti-malware solutions.

Meanwhile, there is a lot of speculation in the media that the Milpitas-based company, since reporting a loss in 2Q of 2019, has hired professional help from Goldman Sachs Group for an overall asset estimate. Business experts are discussing the possibility that the cybersecurity firm might put itself up for sale in 1Q of 2020.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
