Malwarebytes: Watch out for FakeUpdates

Posted on Wednesday, April 11 2018 @ 10:12 CEST by Thomas De Maesschalck
Security firm Malwarebytes Labs issued a warning about "FakeUpdates". Apparently, a growing number of cybercriminals are trying to trick web users into installing malware by disguising it as an update for a commonly used piece of software.

The first signs of a broad malware campaign that relies on social engineering users with fake but convincing update notifications were spotted in December 2017, but more recently it's been picking up steam. Full details over here.
Today, we are looking at what we call the ‘FakeUpdates campaign’ and describing its intricate filtering and evasion techniques. One of the earliest examples we could find was reported by BroadAnalysis on December 20, 2017. The update file is not an executable but rather a script which is downloaded from DropBox, a legitimate file hosting service, as can be seen in the animation below.

