How to avoid the new browser update scam that can steal your data

A new type of malware scam is targeting web users by tricking them into installing fake browser updates. The scam, dubbed ClearFake, uses compromised WordPress sites to display fake browser update alerts that lead to malicious downloads. The malware can then access the user’s personal information and accounts.

What is ClearFake and how does it work?

ClearFake is a scam that exploits users’ trust in browser updates. It was first discovered by cyber sleuth Randy McEoin in August 2023. He noticed that some WordPress sites were showing browser-specific update messages that looked legitimate. For example, Chrome users would see a Chrome alert, while Firefox users would see a Firefox alert.

However, clicking on the update button would not install a browser update, but rather a malicious file that can infect the user’s system. The file can then steal the user’s data, such as passwords, credit card numbers, and other sensitive information.

How is ClearFake different from other browser update scams?

ClearFake is not the first scam that uses fake browser update alerts to spread malware. In fact, email security experts at Proofpoint have identified multiple groups using similar schemes to deliver harmful payloads. These scams are effective because they mimic trusted sites and exploit users’ safety training.

However, ClearFake has evolved to use a more sophisticated technique to hide its malicious files. According to Guardio Labs, a reputable security firm in Tel Aviv, the ClearFake scam has shifted its operations to the Binance Smart Chain (BSC), a platform that supports decentralized apps and automated “smart contracts”.

Smart contracts are pieces of code that run on the blockchain, an encrypted network of transactions that is virtually impossible to tamper with. By hosting their malicious files on the BSC, the ClearFake scammers can evade any takedown attempts and deliver their payloads without leaving any trace.

Nati Tal, Guardio Labs’ security chief, explained that these bad actors exploit BSC’s infrastructure, creating what are called malicious “contracts”. Once activated, these contracts are designed to deliver their harmful payloads.

“The strength of these contracts lies in their innovation and accessibility,” Tal stated. “Given the blockchain’s nature, hosting code becomes virtually untouchable, evading any takedown attempts.”

How to protect yourself from ClearFake and other browser update scams

The best way to protect yourself from ClearFake and other browser update scams is to be vigilant online and follow some simple tips:

  • Never click on any browser update alerts that pop up on suspicious websites. They could be hiding malicious files that can infect your system.
  • Always update your browser from the official source. You can check for updates manually by going to your browser’s settings or visiting its website.
  • Invest in strong antivirus protection on all of your devices. Antivirus software can alert you to any malware on your system, warn you against clicking on any malicious links in phishing emails, and ultimately protect you from being hacked.
  • Keep your operating system and software updated at all times. Software updates often include security patches that can fix vulnerabilities and prevent hackers from exploiting them.

By following these tips, you can avoid falling victim to ClearFake and other browser update scams that can damage your devices and expose your personal information.
