If you get an error message while surfing the internet, be careful - it might be a trick to get you to download malware.
That's the warning from cybersecurity researchers at Proofpoint, who recently observed multiple threat actor groups using the same tactics to deploy different malware variants.
According to the researchers, the attackers either compromise an existing website or create a new one themselves. When opened, the website displays an overlaid error message stating that there is a problem with viewing the contents of the site.
Fake popup ad
The problem, the message further explains, is due to a malfunctioning update. Users are then told that in order to fix the bug, and view the website, they should install the latest update which is, conveniently enough, supplied straight in the error message.
"Although the attack chain requires significant user interaction to be successful, the social engineering is clever enough to present someone with what looks like a real problem and solution simultaneously, which may prompt a user to take action without considering the risk," Proofpoint's report said.
The "fake popup ad" method is hardly new, but this particular campaign, in which the attackers impersonate Chrome, was observed in use by three separate entities - ClearFake, ClickFix, and TA571.
The groups are using this method to drop different kinds of malware on their victims' devices, including DarkGate, Matanbuchus, NetSupport, Amadey Loader, XMRig, a clipboard hijacker, and Lumma Stealer.
Some of these are quite popular in the underground community, such as DarkGate, Lumma Stealer, and XMRig.
The latter is a cryptocurrency miner that uses the device's entire computing power, as well as plenty of electricity, to "mine" Monero (XMR).
Monero is a known privacy-oriented coin that is notoriously difficult to track, and as such is the go-to currency for many criminals.
Via BleepingComputer