Google Chrome Faces Sophisticated New Malware; Targets WordPress & Language Pack
Hackers are getting more and more sophisticated in gathering personal and sensitive information and Google is under attack. NeoSmart Technologies dissected a compromised WordPress site and found a smooth hack that uses simple tactics instead of traditional malware drive-by-infection attempts.
If the text doesn't render, would-be victims will be forced to download the "HoeflerText" pack. Since HoeflerText is a real font anyway, many can be deceived into downloading and installing the malware.
Hackers are also deploying a clean-looking format and correct Google Chrome logo. While previous malwares can be easily spotted due to faulty grammar and spelling, this one can easily pass as legitimate update, Deccan Chronicle reported.
Here is another cue, the malware will try to download a file named "Chrome Font v7.5.1." Subsequently, Google will fail to detect the download as malicious but will notify users that "this file isn't downloaded very often." Lastly, remember that the malware will pose as a signed executable file although it is in reality, not a legit file. Gathering all these tips might prove helpful since the file is not yet in Google's browsing blacklist.
While a decent anti-malware app can be useful, the report said that nothing beats a discerning eye. NeoSmart warned that the malware is so sophisticatedly made that only nine of handful anti-virus apps managed to detect it. This new breed of malware even came past Windows Defender and Google's native protection.
NeoSmart admitted that it is still unknown what sort of data can this malware extract. The damage and other subsequent effects are also unknown but users are warned against Google that asks for language pack update. There is a high possibility of getting affected when downloading new apps or software too.