More fake Windows updates are spreading malware, so watch what you download

Sead Fadilpašić

May 11, 2023 at 8:37 AM·2 min read

Magnifying glass enlarging the word 'malware' in computer machine code

Researchers have warned of a new cyber scam campaign using fake Windows updates to trick victims into downloading and running the Aurora infostelaer on their devices.

Experts at Malwarebytes recently spotted a malicious advertising campaign leveraging pop-under ads to deliver a malware loader.

Pop-under ads are a type of ad that loads under the browser, and is only visible once the user closes, or moves the browser out of sight. These ads, served mostly on adult content websites with high traffic numbers, are displayed in full-screen, and tell the user that they need to update their device. More than a dozen domains were used in this campaign, it was said.

Turkish victims

Those that fall for the trick would download a file called ChromeUpdate.exe which, in reality, is a malware loader called “Invalid Printer”. The researchers are saying that Invalid Printer is a so-called “fully undetectable” (FUD) malware loader, used exclusively by this particular, yet unnamed, threat actor. Once Invalid Printer makes it to the target endpoint, it will first check the graphic card to see if it’s installed on a virtual machine, or in a sandbox. If it determines that the device is a legitimate target, it will unpack and launch a copy of the Aurora infostealer.

Aurora is a piece of malware with “extensive capabilities” and low antivirus detection, its creators claim. In reality, it took antivirus programs a few weeks to start flagging Aurora installs as malicious, Malwarebytes said. Written in Golang, Aurora is on sale on dark web forums for more than a year now. In this particular campaign, some 600 devices were compromised, the researchers believe.

> A nasty new infostealer malware is landing in email inboxes

> This new malware has emerged from the dark web and is after your data

> These are the top ID theft protection tools today

According to Jérôme Segura, director of threat intelligence at Malwarebytes, most victims are Turkish, as every time a new sample gets submitted to Virus Total, it comes from a Turkish user.

"In many instances, the file name looked like it had come fresh from the compiler (i.e. build1_enc_s.exe)," the researcher concluded.

These are the best firewalls around

Via: BleepingComputer

Yahoo Finance
The FDIC change that leaves wealthy bank depositors with less protection
Affluent Americans may want to double-check how much of their bank deposits are protected by government-backed insurance. The rules governing trust accounts just changed.
Yahoo Sports
Former NBA guard Darius Morris dies at 33
Former NBA guard Darius Morris has died at the age of 33. He played for five teams during his four NBA seasons. Morris played college basketball at Michigan.
Yahoo Sports
Kyle Larson beats Chris Buescher at Kansas in closest finish in NASCAR history
Larson won by 0.001 seconds.
Yahoo Sports
No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it
The quality was choppy, but it was better than what the WNBA had.
Yahoo Sports
Bulls' Lonzo Ball picks up $21.4 million option for 2024-25 season amid knee concerns
Ball hasn't played since the 2021-22 season.
Yahoo Sports
Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race
Race organizers say they'll revoke a Trump fundraiser's suite license if he holds an event for the former president on Sunday at the race.
Yahoo Sports
New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal
It turns out the money was going from Ohtani's bank account to an illegal bookie to ... casinos.
Yahoo Sports
NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?
Which teams did the best in the NFL Draft?
Yahoo Sports
2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick
Yahoo Sports' Charles McDonald breaks down the Broncos' 2024 draft.
Yahoo Sports
Anthony Edwards' arrival should have the Nuggets — and the entire league — on high alert
The Timberwolves' rising superstar led Minnesota to a Game 1 victory over Denver, then reminded the world that he's 22, not 23 ... yet.
Autoblog
Why did Musk ax the Supercharger team?
Elon Musk’s decision to dismiss much of Tesla’s Supercharger team this week came as a shock. A look at possible reasons why he did it.
Yahoo Sports
Kentucky Derby: Mystik Dan wins in three-horse photo finish, outruns favorite Fierceness in stunning upset
The 150th Kentucky Derby produced yet another magnificent two-minute spectacle.
Yahoo Sports
Formula 1: Lando Norris gets his first win ahead of Max Verstappen at the Miami Grand Prix
Norris hadn't pitted and was leading the Grand Prix when a safety car was deployed for Logan Sargeant and Kevin Magnussen's crash.
Yahoo Sports
The best QBs for 2024 fantasy football according to our analysts
The Yahoo Fantasy football analysts reveal their first quarterback rankings for the 2024 NFL season.
Yahoo Sports
Canelo Álvarez and Oscar De La Hoya erupt in heated exchange ahead of title bout with Jaime Munguía
Canelo Álvarez is set to defend his title against undefeated Jaime Munguía on Saturday in Las Vegas.
Yahoo Finance
CVS stock plunges after earnings numbers one analyst 'did not even believe'
CVS warns it could cede Medicare Advantage market share as reimbursement rates pressure the company.
Engadget
The best budgeting apps for 2024
Budgeting apps can help you keep track of your finances, stick to a spending plan and reach your money goals. These are the best budget-tracking apps available right now.
Yahoo Sports
Caitlin Clark catches fire from 3 in WNBA preseason debut; Arike Ogunbowale's late heroics send Wings past Fever
Caitlin Clark’s WNBA preseason debut went much like her senior year at Iowa. She hit a bunch of 3s and did so in front of a sold-out crowd.
Yahoo Sports
UFC 301: Alexandre Pantoja survives bloody wounds and bad advice to retain flyweight belt vs. Steve Erceg
A challenger with less than a year of UFC experience gave Pantoja plenty of problems. And wounds.
Yahoo Sports
Shohei Ohtani punctuates Dodgers sweep of Braves with 2 home runs to tie MLB lead
Ohtani tagged Braves ace Max Fried for a two-run shot in the first inning, then hit a solo shot in the eighth as the Dodgers prevailed in a battle of NL favorites.

News

Life

Entertainment

Finance

Sports

New on Yahoo

More fake Windows updates are spreading malware, so watch what you download

Turkish victims

Recommended Stories

The FDIC change that leaves wealthy bank depositors with less protection

Former NBA guard Darius Morris dies at 33

Kyle Larson beats Chris Buescher at Kansas in closest finish in NASCAR history

No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it

Bulls' Lonzo Ball picks up $21.4 million option for 2024-25 season amid knee concerns

Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race

New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal

NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?

2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick

Anthony Edwards' arrival should have the Nuggets — and the entire league — on high alert

Why did Musk ax the Supercharger team?

Kentucky Derby: Mystik Dan wins in three-horse photo finish, outruns favorite Fierceness in stunning upset

Formula 1: Lando Norris gets his first win ahead of Max Verstappen at the Miami Grand Prix

The best QBs for 2024 fantasy football according to our analysts

Canelo Álvarez and Oscar De La Hoya erupt in heated exchange ahead of title bout with Jaime Munguía

CVS stock plunges after earnings numbers one analyst 'did not even believe'

The best budgeting apps for 2024

Caitlin Clark catches fire from 3 in WNBA preseason debut; Arike Ogunbowale's late heroics send Wings past Fever

UFC 301: Alexandre Pantoja survives bloody wounds and bad advice to retain flyweight belt vs. Steve Erceg

Shohei Ohtani punctuates Dodgers sweep of Braves with 2 home runs to tie MLB lead