Don't click this — malicious ads impersonating Google Chrome spreading dangerous malware
SecTopRAT is a Trojan with stealer capabilities that hides in plain sight
Users who are simply looking to download the world’s most popular web browser may accidentally be infecting their systems with malware, says a new report from Malwarebytes Labs.
Called SecTopRAT, the malware hides inside a malicious ad that purports to be an installer for Google Chrome. However, anyone who clicks on the ad is instead funneled to a fake Google website designed to cleverly mimic the legitimate page. A final redirect downloads a large executable file that is disguised as the Chrome download but also includes the SecTopRAT malware.
The installer connects and retrieves all the necessary instructions, including requests to run as an admin in order to perform particular tasks. A PowerShell command adds an exclusion path so Windows Defender won’t be triggered when the malware is extracted from the download.
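One way a defender can spot the exclusion step described above is to scan process command lines for Defender exclusion changes, including ones hidden behind an encoded PowerShell command. This is an added example, not code from the Malwarebytes report; the sample command lines and paths are constructed for illustration.

```python
import base64
import re

# Add-/Set-MpPreference followed by the rest of that statement.
_CMDLET = re.compile(r"\b(?:Add|Set)-MpPreference\b([^|;]*)", re.IGNORECASE)
# The three exclusion parameters and their (optionally quoted) value.
_PARAM = re.compile(
    r"-(Exclusion(?:Path|Process|Extension))\s+(\"[^\"]*\"|'[^']*'|\S+)",
    re.IGNORECASE,
)
# -EncodedCommand and its abbreviations (-e, -ec, -enc, ...), then a base64 blob.
_ENCODED = re.compile(r"\s-(?:e|ec|en\w*)\s+([A-Za-z0-9+/=]{16,})", re.IGNORECASE)


def _decode_encoded(cmdline):
    """Return the UTF-16LE script hidden behind -EncodedCommand, or ''."""
    m = _ENCODED.search(cmdline)
    if not m:
        return ""
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except ValueError:  # bad base64 or bad UTF-16: not an encoded script
        return ""


def find_defender_exclusions(cmdline):
    """List (parameter, value) for every Defender exclusion a command adds."""
    text = cmdline + "\n" + _decode_encoded(cmdline)
    hits = []
    for stmt in _CMDLET.finditer(text):
        for p in _PARAM.finditer(stmt.group(1)):
            hits.append((p.group(1).lower(), p.group(2).strip("\"'")))
    return hits


# Constructed process command lines (not taken from the report).
SAMPLE_CMDLINES = [
    r'''powershell.exe -ExecutionPolicy Bypass -Command "Add-MpPreference -ExclusionPath 'C:\Users\Public\constructed dir'"''',
    "powershell.exe -NoProfile -enc " + base64.b64encode(
        r"add-mppreference -exclusionpath C:\ProgramData\constructed".encode("utf-16-le")
    ).decode(),
    'powershell.exe -Command "Get-MpPreference | Select-Object ExclusionPath"',
]

if __name__ == "__main__":
    for line in SAMPLE_CMDLINES:
        print(find_defender_exclusions(line), "<-", line[:60])
```

On a Windows host, the `Get-MpPreference` cmdlet lists the exclusions currently in force, which is a quick way to audit for entries nobody remembers adding.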
The malicious code is injected into the legitimate download process, so Google's Chrome browser itself is still downloaded as usual and the user doesn’t suspect that anything is happening. SecTopRAT is a remote access Trojan with stealer capabilities, so it prefers to operate in the background without being noticed.
Much like the massive Google account phishing campaign seen earlier this year, the hackers have gone to great lengths to get their fake website to resemble the actual Google page. When searching for “download google chrome”, the URL in the sponsored result for the fake page is “https://sites.google.com”, which is actually the web address for Google’s free website builder.
It is particularly egregious that the hackers behind this campaign used the company's free website builder to build a lookalike page to infect unsuspecting users. However, since all pages with a sites.google.com address are user-generated and part of an open platform, they can easily be confused with pages generated by Google itself.
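The point above, that a google.com address does not by itself mean Google published the page, can be turned into a check on the exact host and path of a download link. This is an added example, not code from the report; the official Chrome page location is stated as an assumption and the sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Assumption: the vendor's own Chrome download page is https://www.google.com/chrome/.
OFFICIAL_PAGES = {("www.google.com", "/chrome")}
# Hosts on the vendor's domain where any account holder can publish.
# sites.google.com is the one named in the article.
USER_CONTENT_HOSTS = {"sites.google.com"}


def classify_download_url(url):
    """Return 'official', 'user-generated', 'reject' or 'unknown'."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")  # urlsplit already lowercases it
    if parts.scheme != "https" or not host:
        return "reject"  # no TLS, or nothing to verify
    if parts.username is not None:
        return "reject"  # "https://www.google.com@other.example/" hides the real host
    if host in USER_CONTENT_HOSTS:
        return "user-generated"  # vendor's domain, but not the vendor's content
    path = parts.path.rstrip("/")
    for official_host, prefix in OFFICIAL_PAGES:
        # Exact host match: "sites.google.com.other.example" must not pass.
        if host == official_host and (path == prefix or path.startswith(prefix + "/")):
            return "official"
    return "unknown"


# Constructed sample URLs.
SAMPLE_URLS = [
    "https://www.google.com/chrome/",
    "https://sites.google.com/view/constructed-page",
    "https://www.google.com@downloads.example/chrome/",
    "https://sites.google.com.downloads.example/chrome",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(f"{classify_download_url(u):15} {u}")
```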
How to stay safe
Malwarebytes points out in its report that its security software was able to protect users from this attack, so having antivirus software installed and up to date on your system is essential to protect yourself from very convincing attacks like this one. At the same time, you also want to be aware of the most common phishing attack techniques and methods, know where to go to acquire software safely and never click on (or scan) unexpected links, PDFs or QR codes.
The increasing use of AI and malware-as-a-service-style attacks means it's increasingly difficult for users to distinguish between legitimate sites and emails and malicious ones, so having one of the best antivirus software suites on your PC is a must.
You’re also going to want to make sure that you always enable multi-factor authentication whenever possible, use a password manager to protect your online accounts, and use a VPN, especially when one is provided by your antivirus suite.
Since Google Chrome is by far the most popular browser, attacks like this one will likely keep occurring as it's easy for hackers to impersonate the search giant. Hopefully though, Google begins cracking down on malicious ads further and making it more difficult for hackers and other cybercriminals to buy ad space in the first place.

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps.
