If you use a web browser, you need to be aware of a new scam that is trending online with a modern twist. The scam involves prompting website visitors to update their browsers to view content, but instead of delivering a legitimate update, it downloads malicious software that can steal your personal data. The scam also uses an encrypted cryptocurrency blockchain to hide its tracks and evade detection.
What is the new browser update scam and how does it work?
The new browser update scam is a variation of an old trick that has been used by cybercriminals for years. The scam targets users who visit compromised websites, usually running on WordPress, and displays a message that looks like a genuine browser update alert. The message is tailored to the user’s browser and device, making it more convincing.
For example, if you use Chrome on your laptop, you might see a message like this:
![Chrome browser update warning across multiple devices with a tempting blue button in the center.]
The message urges you to click on the blue button to update your browser and view the content. However, if you do so, you will not get an update, but a malicious file that can infect your device and steal your information.
The scam was first discovered in August 2023 by Randy McEoin, a cyber security researcher who dubbed it ClearFake. He found that the scam was using Cloudflare, a popular web service provider, to host its malicious files.
However, after Cloudflare took action against the scam, the perpetrators moved their operations to another platform: the Binance Smart Chain (BSC).
What is the Binance Smart Chain and how does it help the scammers?
The Binance Smart Chain is a platform that supports decentralized applications and smart contracts. These are self-executing programs that run on a distributed network of computers without any intermediaries.
The scammers exploit the BSC’s infrastructure by creating malicious smart contracts that deliver their harmful payloads. The advantage of using smart contracts is that they are virtually untouchable, as they are encrypted and stored on a blockchain.
A blockchain is a system of records that are linked together and secured by cryptography. The blockchain ensures that the records are immutable and transparent, making it ideal for applications that require trust and security.
However, in this case, the blockchain also helps the scammers hide their malicious intent and evade any takedown attempts.
Nati Tal, Guardio Labs’ security chief, explained that these bad actors exploit BSC’s infrastructure, creating what are called malicious “contracts”. Once activated, these contracts are designed to deliver their harmful payloads.
“The strength of these contracts lies in their innovation and accessibility,” Tal stated. “Given the blockchain’s nature, hosting code becomes virtually untouchable, evading any takedown attempts.”
How widespread is the new browser update scam and how can you protect yourself?
The new browser update scam is not limited to one platform or one group of attackers. According to Proofpoint, an email security company, there are multiple groups using fake browser update schemes to spread malware.
Proofpoint also noted that these scams persist because they are effective. They exploit users’ safety training by posing as trusted sites.
Dusty Miller of Proofpoint commented, “Users are conditioned to trust updates from known sources. These scams manipulate that trust, making users believe they’re on a legitimate site, urging a browser update.”
To protect yourself from falling for the new browser update scam, you should follow these tips:
- Always check the URL of the website you are visiting. If it does not match the official domain of the site you intended to visit, do not click on any links or buttons.
- Always verify the source of any browser update alerts. If you are not sure if an update is genuine or not, go to your browser’s settings and check for updates manually.
- Always use a reputable antivirus software and keep it updated. This can help you detect and remove any malware that might have infected your device.
- Always backup your data regularly. This can help you recover your files in case of a ransomware attack or data loss.
By following these simple steps, you can avoid becoming a victim of the new browser update scam and keep your data safe.
