Malware That Accompanies Google Chrome Download Detected

Malware That Accompanies Google Chrome Download Detected

Are you downloading Google Chrome through Microsoft Edge? If so, beware! You could get infected by malware and spyware.

Yes, new Windows 10 users who download Google Chrome through Microsoft Edge could get infected. This is because Bing is apparently returning search results with fake download pages that contain malware and adware.

Twitter user Gabriel Landau, in a video that he posted, explains how he searched, on Bing through Microsoft Edge, for “download chrome”. The first link that appeared in the search results is marked from “google.com”, and as anyone would do, he too clicked on it. That led to what appeared to be the legitimate download page for the Google Chrome browser. But, on closer inspection, it turned out that the URL for the page that he had opened was “googleonline2018.com”, which looks real enough to trick anyone though it isn’t an exact replica of the official landing page for Google Chrome. Moreover, clicking on the Download Chrome button starts the download for ChromeSetup.exe. It’s only when he checked the properties for this downloaded file that Landau found that it’s digitally signed not by Google, but by some other company, named Alpha Criteria. The file that gets downloaded turns out to be fake and could contain malware.

Online tech publisher How-To Geek had conducted an investigation on the same lines and had filed a report on the findings of the investigation. The report says, “We were able to reproduce this problem, although it doesn’t happen every time. Usually, you’ll end up seeing an ad for “https://www.google.com”. That goes to the real Chrome download page, and everything is fine… But, sometimes, you’ll see an ad for “google.com”. Guess what—that doesn’t actually go to Google.com. This ad was created by a scammer and goes elsewhere. Microsoft is apparently not verifying the web address the advertisement actually goes to. Bing is letting this advertisement lie people.”

The investigation report further says, “If you click the link, you’ll be taken to a Google Chrome download page that looks like the real one. But it didn’t take you to Google.com. It takes you to “googleonline2018.com”, a scam website…We didn’t actually download Chrome from here, of course. But we’re certain that this website is pushing malware or something malicious.”

The investigation also led the How-To Geek team to infer that while Google Chrome has marked the fake website as a “deceptive site”, Microsoft Edge and Bing haven’t done so. It was also noted that this happened only on some systems and not all and that it was appearing only on Microsoft Edge.

The How-To Geek report points out that Bing is apparently not checking the URL and thus unsuspecting users end up downloading malware and adware through the fake program.

To be noted is the fact that Bleeping Computer had reported almost the same advertisement appearing in results a few months ago, in April, which proves that this is a recurring menace.

How-To Geek publishes a statement given by a Microsoft spokesperson, who states, “Protecting customers from malicious content is a top priority, and we have removed the ads from Bing and banned the associated account. We encourage users to continue to report this type of content so we can take appropriate action.”

The report, however, concludes with a relevant observation- “However, Microsoft has not explained how the ad was marked as from “google.com”, nor have it said if the underlying issue was properly fixed. Without a real fix that prevents advertisers from lying, this problem will just pop up again in the near future. Bing already has problems with horrifying search suggestions, so this is yet another problem on the pile. Microsoft really needs to clean Bing up.”

Kevin Jones932 Posts

Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.

0 Comments

Leave a Comment

Login

Welcome! Login in to your account

Remember me Lost your password?

Don't have account. Register

Lost Password
Register