Google Chrome users are facing a new cyber threat that uses drive-by download attacks. This strategy targets people who want to download the Google Chrome web browser app. It could put malware on their systems.
Security experts are telling users to be careful when they download things. Shmuel Uzan has reported on a new malware called ValleyRAT. It uses phishing emails, bad websites, and instant messaging to trick users into downloading it.
In a recent attack, the threat actors made a fake website that looked like a Chinese telecom company to spread the malware. Jamie Akhtar, CEO at CyberSmart, said these attacks are getting more advanced and targeted. The campaign focuses on finance, sales, and accounting workers because they have access to sensitive data.
Akhtar said this technique will likely be copied and used to target Western companies. He told people to be careful when downloading software tools. Erich Kron from KnowBe4 said it’s important to only download software from real publisher sites.
chrome users face malware threats
He warned that malware on other sites and in ads can be very effective. Kron said taking steps to stay safe is crucial, especially for popular software like Google Chrome.
Chrome users also need to watch out for security holes in the browser. These affect Android, Linux, macOS, and Windows systems. Some major issues are:
– CVE-2025-0444: A high-rated problem in the Skia browser part.
– CVE-2025-0445: A high-rated issue in Chrome’s V8 JavaScript engine. – CVE-2025-0451: A medium-rated problem in the Extensions API. Google has released a new ChromeOS version, 126.0.6478.264, to fix more security holes:
– CVE-2025-0437: An out of bounds memory read issue in Metrics.
– CVE-2025-0438: A stack buffer overflow in Tracing. To stay safe, users should keep Chrome and their operating systems updated. Google does a lot of this automatically, but users can check for updates in the Help|About Google Chrome menu.
Cybersecurity experts say users, especially those with sensitive data, need to stay alert. The key steps are to make sure downloads are from real sources and to keep software up to date.
Image Credits: Photo by AS Photography on Pexels
