Tuesday, 3 February 2015

Ransomware Disguises Itself As Google Chrome Update

Emails are currently circulating that pose as a security update for Google Chrome but in reality spread ransomware. The messages claim to come from the "Google Security Center" and have the subject line "Google Chrome Security". According to the email, the recipient's Chrome version is potentially vulnerable and outdated.

Instead of an e-mail attachment, the recipient gets instructions to enter a particular search that points to a compromised website, on which the so-called security update is offered. The update is in reality a ransomware variant called CTB Locker, which stands for Curve Tor Bitcoin. The ransomware is also known as Critroni.

The malware encrypts all kinds of files on the computer and then prompts the user to pay an amount in bitcoin for decryption, as reported by security firm Malwarebytes. How many people have fallen for the e-mail is unknown. In the case of Google Chrome, users do not need to install updates themselves, because the browser updates automatically on most computers.

