Beware: Fake Browser Warning Delivers Malware


Threat analysts at PhishLabs have encountered a fake browser warning which, when acted upon, delivers the Zeus (Zbot) malware.

Credit: PhishLabs

Credit: PhishLabs

Of course, this type of social engineering attack is quite commonplace these days but what makes this one standout, and the main reason we are bringing it to your attention, is the convincing nature of the warning message.

It includes the usual social engineering earmarks, praying on the fears of users…

We have detected unusual activities on your browser and the Current Online Document File Reader has been blocked base on your security preferences.

However, there are two key elements which differentiate this malicious prompt from most:

  1. The language and grammar used in this message is noticeably superior to the norm. Poor grammar and spelling are generally good indicators of fake warnings or messages, but this one, while still not perfect, is way more accurate than most.
  2. The design of the warning notice is also superior, closely resembling legitimate alerts issued by popular browsers.

Clicking the “Download and Install” button will, of course, lead to the Zeus malware, a highly malicious trojan that steals online banking credentials and makes infected computers part of a botnet.

Overall, we believe this one has the potential to fool quite a few unwary users, hence this advisory.


**At time of publication, exact circumstances of how this fake notice is being delivered remain unknown. However, PhishLabs’ investigation is ongoing.

 

Posted in:
About the Author

Jim Hillier

Jim is the resident freeware aficionado at DCT. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele… as well as writing for DCT, of course.

There are 2 comments

Comments are closed.