Stop Using Microsoft Edge To Download Chrome -- Unless You Want Malware

Discussion in 'Headline News' started by RickAgresta, Oct 27, 2018.

  1. RickAgresta

    RickAgresta Peanut, leader of the Peanutty Forces

    Messages:
    20,090
    Likes Received:
    13,683
    Trophy Points:
    288
    For many people who purchase a new Windows 10 PC, Microsoft’s built-in Edge browser has one purpose: to download an alternate browser like Google Chrome. The most common way to do this for people who don’t have the URL memorized? Type “download Chrome” in the address bar and click the first result provided by Bing search. Unfortunately those unsuspecting users have a high chance of downloading malware and adware. That’s because Bing has been serving up malicious but highly visible Google Chrome ads for months .
    [​IMG]

    This weekend, Twitter user Gabriel Landau enjoyed his first few hours with a Windows 10 laptop by doing this exact thing (video in Twitter link). The top result for his “download chrome” search via Edge looked ordinary enough. Except that when he clicked it the resulting domain was “GoogleOnline2018.com.” The fake site isn’t an exact copy of Google’s own Chrome landing page, but looks genuine enough to fool people. The download itself is called “ChromeSetup.exe,” but examining the digital signature reveals “Alpha Criteria Ltd.” That’s definitely not Google.

    Deceptive Site Ahead

    Fortunately Landau was observant enough to detect something fishy was happening, but the way these deceptive ads are hijacking Bing is clever enough to fool the average user.

    The malicious URL that Bing is happy to promote can’t fool Google or Firefox.When I simply type the above URL into my Firefox browser I’m faced with a bold red page declaring “Deceptive Site Ahead” completely with details and an option to go back.

    Chris Hoffman, EIC of How-To Geek was able to reproduce this error, and several users on Twitter have also complained about it. In his article he points out that the ad comes into rotation every few page refreshes. Because I can’t obtain that result on a fresh Windows 10 install, I suspect it may be targeting users geographically (I live in Europe).

    I notified Bing Ads of this issue, and since Landau’s tweet went viral overnight, I have confidence the malicious ad will be removed from Bing Search within the next 24 hours.

    But the real issue is that it keeps happening.

    I searched the web for similar complaints and found an article from Bleeping Computer dated April 2018. The same type of hijack using Bing Ads from Edge, displayed as the top result, leading to a fake Chrome download that serves up some particularly nasty adware in its installer. The most noticeable difference was the domain name “NewChromeDownload.com.”

    And then again 21 days ago from this user on Reddit. You guessed it. Same procedure, same structure, different domain name.

    Read the rest of the article here:
    https://www.forbes.com/sites/jasone...-download-chrome-unless-you-want-malware/amp/
     
    Chronos, lelisa13p, Mi An and 2 others like this.
  2. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    13,725
    Likes Received:
    2,807
    Trophy Points:
    113
    Or in other words, don't use Edge. ;)

    Sent from my Samsung Galaxy Note 8 using Tapatalk
     
  3. Hook

    Hook Phone Killer ;-) Arrrrr...f

    Messages:
    19,047
    Likes Received:
    8,433
    Trophy Points:
    288
    Or Bing. :vbwink:
     
  4. lelisa13p

    lelisa13p Your Super Moderator Super Moderator

    Messages:
    22,869
    Likes Received:
    5,855
    Trophy Points:
    288
    Never was a problem for me because I hate them both. :thumbsup:
     
    Mi An, Hook, z22 2006 User and 3 others like this.
  5. z22 2006 User

    z22 2006 User BHOT's Own Fluffy

    Messages:
    1,611
    Likes Received:
    274
    Trophy Points:
    258
    Right? I've use Firefox since version 2, and during the dark times of things not working right I used a derivitive of Firefox!
     
  6. EdmundDantes

    EdmundDantes Mobile Deity

    Messages:
    2,110
    Likes Received:
    1,691
    Trophy Points:
    288
    Wow, that's amazing. I think I used Edge to download Firefox and then (recently) used FF to download Chrome, which I have to use for one specific purpose.
     
    scjjtt and Mi An like this.
  7. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    13,725
    Likes Received:
    2,807
    Trophy Points:
    113
    Advertisement hijacking is far more common than one would think. It was only a few years back, you could Google for Youtube, click on an advertisement link for Youtube, and be sent to a malware site. The fact that people searched for youtube was rather pathetic, but the real impact was the resulting link. We wound up resorting to a network based adblock filter. The stuff that broke was staggering, but dang it all, they couldn't be fooled by malicious advertisement links. To some extent, that network based filtering still exists today, just to keep me from fixing half the computers due to attacks.

    Guess you'll have to practice safe searching before you even venture onto the web.
    Step one, install an adblocker for Edge.
    Step two, using Edge, download your favorite browser.
    Step three, bury Edge and set your favorite browser as default.
     
  8. EdmundDantes

    EdmundDantes Mobile Deity

    Messages:
    2,110
    Likes Received:
    1,691
    Trophy Points:
    288
    I had one new computer hijacked with a mild virus. Right out of the box I was setting it up and somehow I got that malware that forced Yahoo search on you. I'm not even sure how it happened, but since it was a new laptop, I could easily start from scratch.
     
    scjjtt likes this.

Share This Page