FakeUpdateRU, malware that disguises itself as a Chrome update

November 10, 2023

The latest deceptive malware, called FakeUpdateRU, can disguise itself as a Google Chrome browser update to infect unsuspecting users. Researchers recently published an advisory on this threat after discovering its presence on various websites, indicating the evolving tactics employed by cybercriminals.

FakeUpdateRU is a remote access trojan that targets unknowing users, leveraging the trust associated with legitimate software updates. Its infection process primarily targets WordPress sites and Content Management System (CMS) platforms.

The malware’s modus operandi includes overwriting the main index.php file, which could replace website content with a malicious overlay. In some campaigns, researchers detected the malware within index.html files in the wp-content directory.

The malware operators could also include JavaScript code on the infected websites that communicates with a Telegram channel, further hiding their actions. The channel could let attackers receive a notification each time a victim downloads their payload.

FakeUpdateRU is not the first malware to employ such techniques.

According to reports, FakeUpdateRU is not the first campaign to use such tactics. Security researchers identified a similar scheme involving the ClearFake malware. The tactics employed in this campaign resemble previous cyberattacks, such as SocGholish and FakeSG, which relied heavily on social engineering strategies to trick users into installing fake web browser updates.

Everyone should be critical of all software they install or update on their devices. Keeping web browsers updated through legitimate channels should be the top priority. Additionally, users should regularly monitor the plugins and themes used on websites, as these can often be vulnerable points of entry for malware.

Furthermore, everyone should maintain regular backups of websites to mitigate the potential damage caused by attacks like FakeUpdateRU. Implementing strong firewalls could also help in defending against cyber threats.
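
As an added example (not code from the advisory or the researchers), the Python script below compares a live WordPress tree with a trusted backup to check for the behaviours described above: an overwritten index.php, index.html files in wp-content, and references to Telegram. The function names, the backup layout and the Telegram URL patterns are assumptions, and the sample files are constructed.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Assumed heuristic (not an indicator from the advisory): Telegram URLs in a page.
TELEGRAM_RE = re.compile(rb"api\.telegram\.org|\bt\.me/", re.I)

def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def scan_site(site_root, backup_root):
    """Compare a live WordPress tree with a trusted backup; return findings."""
    site, backup = Path(site_root), Path(backup_root)
    findings = []
    # 1. Has the main index.php been overwritten?
    live, good = site / "index.php", backup / "index.php"
    if not live.is_file():
        findings.append(("index.php missing", "index.php"))
    elif not good.is_file() or sha256(live) != sha256(good):
        findings.append(("index.php does not match backup", "index.php"))
    # 2. index.html files under wp-content that the backup does not contain.
    wp_content = site / "wp-content"
    pages = sorted(wp_content.rglob("index.html")) if wp_content.is_dir() else []
    for page in pages:
        rel = page.relative_to(site)
        if not (backup / rel).is_file():
            findings.append(("unexpected index.html", rel.as_posix()))
    # 3. Telegram references in any of the index files checked above.
    for page in [live, *pages]:
        if page.is_file() and TELEGRAM_RE.search(page.read_bytes()):
            findings.append(("Telegram reference", page.relative_to(site).as_posix()))
    return findings

def demo():
    """Constructed sample: a clean backup and a tampered copy of it."""
    with tempfile.TemporaryDirectory() as tmp:
        site, backup = Path(tmp, "site"), Path(tmp, "backup")
        for root in (site, backup):
            (root / "wp-content" / "themes").mkdir(parents=True)
            (root / "index.php").write_text("<?php // stock loader\n")
        (site / "index.php").write_text("<html><!-- overlay --></html>\n")
        (site / "wp-content" / "index.html").write_text(
            "<!-- constructed sample: https://api.telegram.org/ -->\n")
        return scan_site(site, backup)

if __name__ == "__main__":
    for finding, path in demo():
        print(f"{finding}: {path}")
```

A finding means the file needs a manual look, not that the site is confirmed infected; legitimate pages can link to Telegram, and index.php changes when WordPress itself is updated after the backup was taken.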

Individuals and organisations should remain informed, be cautious, and follow good cybersecurity hygiene to protect their online assets and data from malicious actors. Lastly, everyone should keep up with new trends in the threat landscape, since threat actors are constantly creating new strategies to make their attacks more efficient.
