BEWARE: Your Google Chrome may be at risk due to a 'very dangerous' update

Google Chrome, the world's most widely used web browser, is currently under threat from a fraudulent update that's been dubbed 'very dangerous'.

Disguised as a legitimate Chrome update, malicious software has been found stealing private data, messages, and photos from unsuspecting users.

This alarming news comes from a recent report by cybersecurity firm McAfee, which has urged Android users to avoid clicking any message links that claim to install Chrome updates on their devices.



The report reveals that the notorious MoqHao malware is lurking within these downloads, employing a new and highly dangerous technique.

Once the fraudulent Chrome update is installed, it begins its malicious activity automatically.


SDC 2.png
A new malware has been discovered by McAfee. Image source: Freepik.


The malware requests extensive user permissions, including access to SMS, photos, contacts, and even the phone itself.

It operates in the background, connecting with its command and control server, managing data to and from the device, and causing increasing damage.



A threat actor that typically operates in Asia called the Roaming Mantis group is believed to be behind this MoqHao (XLoader) campaign.

However, this specific campaign also appears to target users in Europe and the US, as one of the languages programmed into the campaign is English.

The fraudulent update cleverly uses Unicode characters to trick users into thinking it’s a legitimate Chrome update.

'This technique makes some characters appear bold, but users visually recognise it as “Chrome”,' McAfee explained.

'This may affect app name-based detection techniques that compare app name (Chrome) and package name (com.android.chrome).'



This is the third major Android malware alert of the year so far, following VajraSpy, SpyLoan, and Xamalicious.

There has also been a broader warning about copycat apps, which mirrors what we’re seeing here.

As for this specific malware, McAfee warned that they 'expect this new variant to be highly impactful because it infects devices simply by being installed without execution'.

Jake Moore from ESET, a software company specialising in cybersecurity, added: 'Copycat apps are simple to produce.'

'Downloading and installing a malicious app on your phone can lead to a number of disasters, including theft of personal data, compromise of banking information, poor device performance, intrusive adware and even spyware monitoring your conversations and messages.'

In response to the McAfee report, a Google spokesperson stated that 'Android has multi-layered protections that help keep users safe.'

'Android users are currently protected against this by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behaviour, even when those apps come from sources outside of Play.'

Google has also confirmed its collaboration with McAfee to address the new malware threat. McAfee is understood to be one of Google’s App Defense Alliance partners.
Key Takeaways
  • MoqHao, a 'very dangerous' malware disguised as a Google Chrome update on Android, can steal private data, messages, and photos.
  • Users were advised not to click message links that install Chrome updates, as this malware starts its malicious activity automatically upon installation.
  • McAfee has attributed this campaign to the Roaming Mantis group, and warned that it is also targeting users in Europe and the U.S. with English programmed into the campaign to broaden its reach.
  • Google and its App Defense Alliance partners are working to address the malware threat, and users are reminded to follow best practices such as sticking to official app stores and being cautious with permissions.
Members, always be cautious when downloading apps or updates, and remember to regularly check your device's security settings.

What are your thoughts on this latest news, dear members? Let us know in the comments below.
 
Sponsored
I have deleted Google Chrome browser off my computer, before you send me this message, I will not use it any more as my anti virus protection kept dinging me to let me know there was a Virus on Google Chrome. but thanks for letting me know why
 
  • Like
  • Haha
Reactions: Greg350 and Davmes
I too am wondering if this affects a PC. I do not use Chrome as a browser either on my laptop. I do not use a mobile for anything except calls
 
  • Like
Reactions: Jennie and Davmes
McAFee has tried for about 6 months to get into my iMac by threatening me with all sorts of spam. After money of course. But these are probably all copies or clones. But somehow they knew that my subscription to AV was due or paid
 
McAFee has tried for about 6 months to get into my iMac by threatening me with all sorts of spam. After money of course. But these are probably all copies or clones. But somehow they knew that my subscription to AV was due or paid
I’m always getting notifications from McAfee that my subscription is about or has expired. I have never ever had one.
 
I have deleted Google Chrome browser off my computer, before you send me this message, I will not use it any more as my anti virus protection kept dinging me to let me know there was a Virus on Google Chrome. but thanks for letting me know why
This is for phones, has nothing to do with PC's.
 
And the paranoia starts again. Do any of you actually take in what you read? Firstly it's on Android devices, not Windows PC's. Secondly Google have stated that they have a built in security feature to stop this download happening.

READ what's written.

Also, I have never had one of those virus programs on my PC's, they slow down the PC considerably. On Windows they have their own program working in the background, it doesn't slow the PC as much and will catch the vast majority of virus anyway.

Relax people, READ what you see, THINK about what you read, if it sounds odd delete it, if not sure phone the company involved directly using a phone number YOU look up. The world of computers is not bad if you use some common sense.
 
  • Love
Reactions: PattiB
IN THEORY ; The digital world will make things so much easier and safer. IN REALITY ; Well that didn't f%@$#g happen did it?
It's worked for me, and most people actually. Just use some simple common sense and you'll be fine.
 
  • Like
Reactions: PattiB
I don't have chrome - i uninstalled that RUBBISH browser. I use far more superior browsers that have loads more security and actually do the job of a browser not think it is something when it is nothing.
 
Be aware also of McAfee, I had an email claiming I had to turn on direct debit so they could update my subscription. I haven't used McAfee for several years.
Me too for a few months asking me to renew McAfee and I have never had them
 
What if it’s all ready installed ? Just ignore the updates .Ive got it on my laptop and it’s the only way I can access mail ect
 
I’m always getting notifications from McAfee that my subscription is about or has expired. I have never ever had one.
I've had the same email. I have one telling me if I don't renew it will affecr my receipt of emails. As I never had a subscription with them in the first place I just ignore it.
 
I'll definitely be extra vigilant when it comes to clicking on any message links claiming to install Chrome updates. It's all about staying one step ahead of these cybercriminals and safeguarding our personal data.

On that note, I appreciate the recommendation for Octo Browser. It sounds like a useful tool for enhancing online security, especially with its focus on multi-account management. I'll definitely check it out as an added layer of protection. For those interested in exploring Octo Browser further, you can check it out here at https://octobrowser.net/
 
Last edited:
  • Like
Reactions: PattiB

Join the conversation

News, deals, games, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.
  • We believe that retirement should be a time to relax and enjoy life, not worry about money. That's why we're here to help our members make the most of their retirement years. If you're over 60 and looking for ways to save money, connect with others, and have a laugh, we’d love to have you aboard.
  • Advertise with us

User Menu

Enjoyed Reading our Story?

  • Share this forum to your loved ones.
Change Weather Postcode×
Change Petrol Postcode×