Google Chrome is going through hard times. The company is again warning users of new high-level threats. In September, security specialists found the 11th zero-day exploit of 2021 to target Chrome. Users of Windows, iOS, and Linux should be aware that they are at risk.
Chrome hacked again? Ok, what’s new?
Google cybersecurity experts have noticed that malware makers are using a new approach against AV-protected systems. Criminals have learned to evade safeguarding software by using specially created code signatures that Windows recognizes as legitimate. This method is behind the spread of OpenSUpdater, which is already considered riskware (a potentially dangerous program). What does this one do? It infiltrates browsers and installs harmful software into the host system.
Who makes the risk group?
The main motive of the group behind OpenSUpdater is monetary gain. The majority of victims of this malware are Americans who are not above downloading “cracks” and illegal software.
Neel Mehta of Google Threat Analysis Group says OpenSUpdater creators have started to sign their brainchild’s executables with purposefully manufactured certificates. But what allowed the malicious software to operate freely in the users’ systems? The OpenSUpdater samples carry signatures that break OpenSSL parsing, which makes decoding and checking those signatures impossible. Antivirus programs whose detection rules rely on OpenSSL could not see OpenSUpdater. That’s because the hackers marked their malware with invalid signatures, which compromised the antivirus scanning process. The absence of correct signature data, in turn, resulted in anti-malware solutions ignoring the object. You can get a glimpse into the technical depths of this vulnerability in a report by Neel Mehta.
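The defensive lesson from this is to treat a signature that is present but cannot be parsed as a finding in its own right, not as "no signature data". The sketch below is an added example, not code from Google's report or from any antivirus product: the function names are hypothetical, the byte strings are constructed for illustration and do not reproduce the OpenSUpdater samples, and it assumes the signature blob is expected to be strict DER.

```python
# Added example: fail-closed triage of a signature blob (hypothetical names).
class DerError(ValueError):
    pass

def walk_der(buf, depth=0):
    """Strictly walk definite-length DER; return element count or raise DerError."""
    if depth > 32:
        raise DerError("nesting too deep")
    pos, count = 0, 0
    while pos < len(buf):
        tag = buf[pos]
        if tag == 0x00:
            raise DerError("end-of-content tag inside definite-length encoding")
        if pos + 2 > len(buf):
            raise DerError("truncated header")
        first = buf[pos + 1]
        pos += 2
        if first < 0x80:                      # short-form length
            length = first
        elif first == 0x80:
            raise DerError("indefinite length is not DER")
        else:                                 # long-form length
            n = first & 0x7F
            if n > 4 or pos + n > len(buf):
                raise DerError("bad length field")
            length = int.from_bytes(buf[pos:pos + n], "big")
            pos += n
        if pos + length > len(buf):
            raise DerError("element overruns its container")
        if tag & 0x20:                        # constructed type: check children
            count += walk_der(buf[pos:pos + length], depth + 1)
        pos += length
        count += 1
    return count

def triage(signature_blob):
    """Return a verdict; a blob that fails to parse is flagged, never skipped."""
    if not signature_blob:
        return "unsigned"
    try:
        walk_der(signature_blob)
    except DerError as exc:
        return "malformed-signature: " + str(exc)
    return "parseable"

# Constructed samples: a well-formed AlgorithmIdentifier and a damaged copy.
GOOD = bytes.fromhex("300d06092a864886f70d01010b0500")
BAD = GOOD[:-2] + b"\x00\x00"

if __name__ == "__main__":
    for name, blob in (("good", GOOD), ("bad", BAD), ("none", b"")):
        print(name, "->", triage(blob))
```

A scanner built this way would route the "malformed-signature" verdict to further analysis instead of dropping the file from its signature-based rules.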