Chrome Hacked Again

Chrome hacked again
Written by Wilbur Woodham

Google Chrome is going through hard times. The company warns users of new high-level threats again. In September, security specialists have found the 11th zero-day exploit1 of 2021 to target Chrome. Users of Windows, iOS, and Linux should be aware that they are at risk.

Chrome hacked again? Ok, what’s new?

Google cybersecurity experts have noticed that malware makers are practicing a new approach to AV-protected systems. Criminals have learned to evade safeguarding software by using specially created code signatures that Windows recognizes as legitimate. This method is behind the spread of OpenSUpdater that is already considered riskware (a potentially dangerous program). What does this one do? It infiltrates browsers and installs harmful software into the host system.

Who makes the risk group?

There main motive of the group behind this OpenSUpdater is monetary gain. The majority of victims of this malware are Americans who are not above downloading “cracks” and illegal software.

Infiltration secret

Neel Mehta of Google Threat Analysis Group says OpenSUpdater creators have started to sign their brainchild’s executables with purposefully manufactured certificates. But what allowed the malicious software to operate freely in the users’ systems? The code samples of OpenSUpdater mess up OpenSSL parsing. This renders decoding and checking signatures impossible. Anti-virus programs relying on OpenSSL detection rules could not see OpenSUpdater. That’s because hackers marked their malware with invalid signatures, which compromised the process of anti-viral scanning. The absence of correct data on signatures, in turn, resulted in anti-malware solutions ignoring the object. You can get a glimpse into the technical depths of this vulnerability in a report by Neel Mehta.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

References

  1. Zero-day is a kind of hardware or software vulnerability that has been detected but not patched yet. Zero-day exploit, therefore, is malware that takes advantage of such vulnerability.
Chrome Hacked Again
Article
Chrome Hacked Again
Description
Google Chrome is going through hard times. The company warns users of new high-level threats again. In September, security specialists have found the 11th zero-day exploit of 2021 to target Chrome. Users of Windows, iOS, and Linux should be aware that they are at risk.
Author
Copyright
HowToFix.Guide
 

About the author

Wilbur Woodham

I was a technical writer from early in my career, and consider IT Security one of my foundational skills. I’m sharing my experience here, and I hope you find it useful.

Leave a Reply

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.