Chrome, Edge: This browser update hides malware that encrypts your data

After attacking the ancient Internet Explorer browser, Magniber malware now attacks Google Chrome and Microsoft Edge. A team of researchers recently discovered that the malware is hiding in a larger-than-life update for both browsers.

Photo Credit: Unsplash

On the curve of a website, a message is displayed: Whether you’re using Microsoft Edge or Google Chrome, your browser needs a “manual update.” A button on the page makes downloading the update and installing it a breeze. The operation only takes a few seconds and Windows lets the update proceed, without detecting the slightest problem. Simple, fast and efficient.

Except this update is not authentic. A team of South Korean researchers has just discovered that the setup file hides the software responsible for downloading the Magniber ransomware, which will then encrypt user data. The victim will then have to send money to the hackers, otherwise they will no longer be able to access their valuable personal files.

Also Read: Chrome, Edge: Dangerous Malware Is Spreading Around Thirty Extensions, Uninstall Them Quickly!

Fake Chrome and Edge update harbors dangerous Magniber ransomware

Magniber, who until now had made a name for himself by exploiting a flaw in Internet Explorer, is back with a bang. Ransomware now targets Chrome and Edge browsers, which together account for more than 84% of the PC browser market (source: Netmarketshare).

The AhnLab Security Emergency Response Center (ASEC) team has just discovered that the malware is now spreading inside an .appx update file (a format released with Windows 8, but still exploited by Windows 10 and Windows 11). The file in question is called edge_update.appx or chrome_update.appx. The problem is that the file looks completely legitimate when it is digitally signed with a valid certificate. Windows sees nothing but fire when you double click on the corrupted .appx file – the system will launch and install without batting an eye.

Once the fake update is installed, a program called wjoiyyxzllm.exe executes the wjoiyyxzllm.dll library and downloads Magniber malware. Therefore, it is too late for the user: his personal files are instantly encrypted and it becomes impossible for him to check the content. According to studies carried out by the ASEC team, the malware does not steal its victim’s data, but simply makes it inaccessible. As with any ransomware scam worth its salt, if the user wants to get their data back, they will have to send money to the hackers responsible for spreading Magniber.

So be careful if they send you an .APPX file that claims to update Google Chrome and Microsoft Edge. These two browsers update automatically, there is no need to manually download an update. Finally, note that installing an .APPX file on Windows 11 (other than the Microsoft Store) requires developer mode to be activated. If you’ve never touched the default settings offered by Windows 11, you don’t need to worry.

Source: ASEC

Rank Math Seo Pro Weadown, Wordfence Premium Nulled, Yoast Nulled, PHP Script, Fs Poster Plugin Nulled, Astra Pro Nulled,Woodmart Theme Nulled, Wpml Nulled, Avada 7.4 Nulled, Woodmart Theme Nulled, PW WooCommerce Gift Cards Pro Nulled, Elementor Pro Weadown, Newspaper – News & WooCommerce WordPress Theme, Nulledfire, Slider Revolution Nulled, Elementor Pro Weadown, Jnews 8.1.0 Nulled, WeaPlay, Business Consulting Nulled, WP Reset Pro, Newspaper 11.2, Flatsome Nulled, Woocommerce Custom Product Ad, Premium Addons for Elementor, Jannah Nulled, Consulting 6.1.4 Nulled, Plugins, WordPress Theme, Dokan Pro Nulled

Back to top button