Emails claiming to be from Google asking to update your Google Chrome browser may lead toย CTB Locker/Critroni Ransomware
Security Researcher at Malwarebytes have discovered a new wave of malware attacks involvingย CTB Locker/Critroni Ransomware which targets the user through fake email notifications claiming to be come from Google Chrome security team and asking the users to click on the link.
The fake Google email asks the potential victim to update his/her Google Chrome, which the email claims, has become outdated and insecure.
โYour version of Google Chrome is potentially vulnerable and out of dateโ.
The executable file pretending to be the Chrome Update is not attached with the mail itself but following the link from the mail leads to one of the several compromised websites hosting the malware laden files.
The file named as โChromeSetup.exeโย is not a Chrome Update but a Ransomware variant,ย CTB Locker/Critroni Ransomware. which when executed/installed locks and encrypts all the files on the victims computer and changes the desktop background image which reads that, your personal files are encrypted by CTB Locker, asking the victim to pay a ransom ofย 2 BTC (about 500USD)ย to a Bitcoin Wallet address given on the desktop, to get his/her file decrypted else he/she will lose their files permanently.
Malwarebytes says, it is possible to remove the malware which is detected as Trojan.ZBAgent.NS byย Malwarebytes Anti-Malware however it is difficult to restore the encrypted files.
While these kinds of emails automatically gets marked as Spam by most big email providers Gmail, Microsoft and Yahoo, but sometimes they manage to give the email spam filters a slip and make their way toย main inbox folder.
While such an email may evoke suspicions immediately to a seasoned and tech savvy user, ย users with less knowledge of infosec may deem it be a real mail from Google Chrome security team and this is what the handlers/authors of this malware hope to achieve.
Never click on links in any suspicious messages to keep your computer safe and secure.
