Pages

Security researchers detect a new malware which quite cleverly attacks Windows PC

Malicious activities have long been present, and with increasing technology the ways malware attacks are being done is advancing as well. While previously a lot of malwares were detected, a new malware attack has been detected by Rapid7 which cleverly attacks Windows users.

Users of Microsoft Windows, according to Rapid7 researchers, when visit websites online are confronted with some web browsers which in return asks them to take some actions which generate the malware attack. The malware concept may not be new, but the attack is done so silently that the users don’t even realize what has been done.

The basic concept behind the attack according to Rapid7 is to steal user data as well their cryptocurrency directly off the PC which has been infected.

The research by Rapid7 showed that the malware was detected to get access to user personal information and in this case cryptocurrency information from the PC. On further investigations it was revealed that the malware was downloaded in the PC because of a missing puzzle the current version of Chrome had which made it pretty easy for malware to make its way in the PC.

The flaw in the Chrome version enabled the malware to make its way, and it was downloaded through pop up ads which appeared on websites or through the indirect website chains that users were directed to.

birchlerarroyo[.]com, was the first domain on which investigations were conducted and malware was detected. The results showed that the browser requested to show notifications to the user and once it was accepted it further asked them to update the chrome browser.


While updating chrome is a common tactic, users would go on with updating without even realizing that a malware was settling in.

What seems to be a confusing thing is that how did the malware made users accept the notification process because not a lot of users are too keen on receiving notifications from the browser.

The file MSIX is what downloads and is responsible in the spread of the malware. While the MSIX applications is responsible for the malware, it happens to have other tricks attached to it as well which destroy or affect your PC in several ways. The malware has the potential to bypass the User Account Control which happens to be present for user security and easier inhabit your working system ultimately putting further damage and hence goes undetected by the system.

Hence it is important for users to only use authentic websites and not visit malicious websites where the risk if malware download is high.

Read next: Research Reveals Leftover Files Of Popular Websites Can Help Hackers Steal Users Data

No comments:

Post a Comment