Google Chrome users are being actively targeted with a spam email campaign impersonating the Internet giant, urging them to download a newer version of the popular browser because theirs is “potentially vulnerable and out of date”:
Unfortunately for those who fall for this scam, the offered link does not lead to the legitimate software, even though the executable is named ChromeSetup.exe.
The file, hosted on several compromised sites to which the victims are redirected via assetdigitalmarketing[dot]com/redirect.php, is actually a variant of the CTB-Locker Trojan, which will encrypt specific files on the victims’ computer, and ask for a ransom in order to deliver the decryption key.
This time, the amount required is 2 Bitcoin (around $450), and the victims are required to pay the ransom within 96 hours.
“Social engineering remains a powerful technique to trick people into running programs they shouldn’t,” noted Malwarebytes’ Jerome Segura. “As a rule of thumb you should always only download files from their official website rather than from some unknown site.”