"Fake Browser Updates Used in Malware Distribution"

Cybersecurity researchers at Proofpoint have identified a rising trend in threat activity that employs fake browser updates to disseminate malware.  Fake browser updates are compromised websites that display fake notifications mimicking popular browsers like Chrome, Firefox, or Edge, luring users into downloading malicious software instead of legitimate updates.  The researchers stated that TA569, a threat actor, has been using fake browser updates for over five years to deliver SocGholish malware.  Recently, other threat actors have adopted this strategy.  The researchers noted that these threats infiltrate websites using JavaScript or HTML-injected code to direct traffic to their controlled domains and automatically download malicious payloads.  The researchers stated that the success of fake browser update lures lies in exploiting users’ trust in known and safe sites, thereby bypassing security awareness training.   

Infosecurity reports: "Fake Browser Updates Used in Malware Distribution"