One of the most common tactics employed by notorious cybercriminals involves taking advantage of popular trends and creating fraudulent websites/apps to trick users. It looks like some of these players have tried to exploit the confusion surrounding the Meltdown and Spectre CPU bugs.
Forget the buggy updates that are causing numerous problems for users: Malwarebytes has spotted a fake update package that installs malware on your computer. The firm has identified a new domain that’s full of material on how Meltdown and Spectre affect CPUs.
The website appears to carry content from the German Federal Office for Information Security (BSI). However, the website is fraudulent, and it hosts a link to a ZIP archive that contains a piece of malware. The fake file in the archive is Intel-AMD-SecurityPatch-10-1-v1.exe.
If the user downloads the file and attempts to install it, the Smoke Loader malware infects the PC. It then downloads more payloads by connecting to various domains and sends encrypted traffic.
The website was also spotted sending phishing emails.
Malwarebytes has already contacted CloudFlare and Comodo regarding this abuse, and the site isn’t resolving anymore. But that doesn’t mean that hackers aren’t trying to exploit such publicized events.
End users are advised to always remain cautious and to download updates only from dependable sources. If you’re getting direct emails or calls from vendors, take them with a grain of salt.