Beware of fake browser updates, security experts warn
Article after article, expert after expert, has drilled home the security message that you should always ensure your web browser is updated as soon as a security patch is made available. That message has not changed, but a nuance needs to be observed: how your browser update is applied. The warning not to update your browser comes following the discovery of a new threat campaign installing a Windows security backdoor disguised as updates of popular web browsers, including Google Chrome, Microsoft Edge and Mozilla Firefox. Here’s what you need to know.
WarmCookie Windows Backdoor Installed By Fake Web Browser Updates
Security researchers at Gen Threat Labs have warned users of the most popular web browser applications to be beware of an ongoing attack campaign targeting them by way of fake updates. A posting on X has warned that the attackers are distributing the WarmCookie Windows backdoor malware via compromised websites.
It would appear that the campaign is being run by a known group of criminal hackers going by the name of SocGolish, which is behind the sites that are either created or compromised to show fake browser update prompts when visitors land.
WarmCookie as a threat itself is not new, it can be dated back to late 2022 when threat intelligence researchers at eSentire spotted it being distributed by fake job sites. The switch to fake web browser security updates as a method to spread the malware is a facinorous one, to say the least. Not least because, along with most every other security professional and journalist covering the cybersecurity realm, I have been shouting the “update now” mantra for decades when it comes to patching security vulnerabilities in your browser.
That message, as such, hasn’t actually changed. You should ensure that your web browser, whichever brand you choose to use, is updated as soon as possible following the release of a security patch. What you shouldn’t do, and what this warning is ultimately all about, is update it by any means other than using the built-in tools. Most certainly avoid any pop-up or notification from a website asking you to download an update, no matter how realistic, genuine and pressing it might seem.
How To Safely Secure Your Web Browser With An Update
OK, first things first: you don’t have to do anything. It’s true. If you just leave things alone, your browser will automatically update itself to the latest version. Mostly. The problem of not updating is actually one of not activating the update, and this applies especially to those who keep dozens of tabs open and never close and restart the browser itself. This last step is required to activate the installed security update, which is why I always suggest people kickstart the process manually and as soon as possible after learning of the patch availability.
So, with this in mind, I recommend you still manually update your browser, even with the automatic updates feature in place. To do this for Chrome users and other browsers that will be similar, head to the Help|About option in the menu. If the update is available, it will automatically start downloading.
Then close all your tabs and hit the relaunch button, which will restart the browser and activate the patch.
