If you visit a website and are advised that you need to update Google Chrome, do not download the update. A campaign has been identified that is using fake Google Chrome updates to trick web visitors into downloading and installing malware.
Legitimate WordPress sites are hacked by exploiting critical vulnerabilities and zero-day flaws in WordPress and WordPress plugins. The attackers then create new admin accounts and plant backdoors allowing persistent access. The campaign is targeting individuals in the United States, United Kingdom, Canada, Australia, Israel and Turkey.
Two malware installers are used in this campaign named Critical_Update.exe and Update.exe. Together they have already been downloaded more than 2,500 times. The installers have valid digital certificates, which are identical to those uses in another campaign conducted by the same group that used a fake NordVPN installer to install the Bolik banking Trojan. In that campaign, the legitimate NordVPN client was also installed to make it appear that the installer was genuine.
If you want to check whether you are running the latest version of Google Chrome, open the Google Chrome Menu, click Help > About Google Chrome. Google Chrome will then check to see if an update is available.