![Filehippo - Software that matters](https://news.filehippo.com/wp-content/uploads/2020/03/header-strapline.png")
What may seem a harmless Google Chrome update could in fact be malicious software in disguise – hoping to sink its infected roots into your computer and weed out your bank details.
To coincide with Googleās official rollout of its Chrome 24 update, a malware bug, which ironically urges the user to bring their browser āup-to-date to ensure they are protected by the latest security featuresā, has also reared its ugly head.
However, if the unsuspecting user tries to download the āupdate’ from within Chrome itself, a warning from Google appears stating that the executable file āappears maliciousā.
Researcher Chris Boyd from GFI Labs, which aims to uncover the latest online computer threats, said the design of the dubious website is identical to the authentic Chrome 24 update page.
Threat to personal data
āPut simply, you donāt want this anywhere near your computer and users of Chrome who are curious about updates should simply read the information on the relevant Google Chrome support page,ā Boyd said.
Boyd went onto say that the file itself has been seen on about 14 or so websites since October last year and is also listed at malwr.com, a site which allows users to analyze suspicious files and extract information on their process and network behaviour.
Boyd also noted that it is listed on the comments section of VirusTotal (free online malware scanner) as being capable of stealing banking credentials.
Trojan warning
In the latter case, the file appears to be related to the Zeus banking Trojan, a malware that steals banking information by man-in-the-browser keystroke logging and form grabbing.
āIndeed, one of the domain name system requests made is to a site by the malware, and is related to ZBot / Blackhole exploit kit attacks. In fact, it seems to want to swipe information of a very similar nature to a ZBot infection from August of 2012,ā Boyd added.
InĀ malwr.com’sĀ behaviour summary for the latest fake Google Chrome update, it says the malware creates a batch script, can access Firefox’s password manager local database andĀ installs a program to run automatically at logon.
With fake program updates being a popular way for cyber criminals to spread Trojans, virus and worms, Google Chrome has a specialist phishing and malware detection webpage offering users extra security settings and advice.