This is not the first time that cyber criminals have tried their best to compromise and infect web browsers such as Internet Explorer, Google Chrome, Firefox and the like.
They have launched a new malware distribution campaign that is designed to target Google Chrome when people are using the browser on their Windows computers.
Thus when targeting users of Google Chrome, the latest malware attack relies on the notorious EITest series of infection that earlier associated with many attack toolkits used in assaults pertaining to ransomware, ID stealers as also other malware attacks. University Herald posted this, January 23, 2017.
A lot of security firms including Proof Security has been scrutinizing EITest. Proof Security has described the infection chain as well structured. This leads to websites lacking security for diverting end-users onto attack toolkit websites.
EITest has been under close examination by Proof Security a cyber security firm that described the infection chain as well documented which commonly resorts to insufficiently secured websites for diverting end-users onto attack toolkit web-pages.
It has been documented that it has been discovered last 2014. They have observed that it has been serving various information stealers, various malware strains, ransomware and the list is growing.
They have diverted their efforts to target Google Chrome and have maneouvered their way over the changes which the company has done over the years. By doing this targeted assaults, they would not be depending much on conventional attack toolkits to inject malicious code to their intended victims.
The new malware have been utilizing complicated web techniques. They would inject their scripts into weakly protected websites. They have a high possibility of success then the end user is using Windows and Google Chrome.
Security researchers explains that EITest malware uses the “web engineering method” which makes people think that they need to update Google Chrome. Most of the time, infection occurs when they view contaminated search results.
Most of the harmful code is obfuscated. Basically looks gibberish and unreadable. Now, here is where they come in. A message is displayed that a font HoeflerText is missing. This would make them think it is the reason they are unable to read it. Now, as a follow-up, it displays a message that recommends to users to download and install a Google Chrome Font Pack.
Certain security measures have been implemented to lessen the impact of the threat. It is advised that people be careful with their web searches. Google Chrome users have been advised to remove the fake Chrome update.