Google Chrome copy-paste code scam spreads

Google Chrome copy-paste code scam spreads

Chrome Scam

A new malware campaign is tricking Windows users into installing harmful code by disguising it as fake software updates for popular programs like Google Chrome and Microsoft Word. Cybersecurity experts at Proofpoint have discovered that cybercriminal groups use these fake updates to steal money and sensitive information from victims’ devices. The malware appears as error messages in internet browsers, prompting users to copy and run a PowerShell script.

This script is the first step in installing the malware, determining if the device is a valid target before downloading additional payloads. These payloads can clear the DNS cache, remove clipboard content, and display fake messages to deceive the user. In the second stage, the malware installs an info stealer to access and redirect the victim’s cryptocurrency.

Another method of spreading the malware involves sending emails containing an HTML file that looks like a Microsoft Word document.

Malware disguised as software updates

These emails trick users into installing a fake “Word Online” extension and running malicious PowerShell code.

Proofpoint reports that this deceptive campaign has targeted thousands of organizations worldwide, delivering over 100,000 malicious messages globally since March 2024. To protect yourself from such threats, experts recommend installing strong antivirus software, using a VPN, monitoring your financial accounts, placing a fraud alert on your credit file, and enabling two-factor authentication for important accounts. It’s crucial to verify the authenticity of any software before downloading it and to be cautious when browsing the internet or connecting to public Wi-Fi.

See also  USC names Molinaroli College of Engineering

Hackers often exploit vulnerabilities like Wi-Fi driver flaws to spread malware, so staying vigilant is critical to maintaining online security. As these malware campaigns evolve and become more sophisticated, users must stay informed about the latest threats and take proactive steps to protect their devices and personal information.

Following best practices for online security and being cautious when prompted to install software or run scripts can significantly reduce your risk of falling victim to these dangerous malware attacks.


About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist