A brand new investigation reveals that Microsoft Edge and Bing are pushing malware to users who are searching for Google Chrome. The scenario goes like that: a user launches the Edge browser on his new Windows 10 computer and is aiming to download the Chrome browser.
Users End Up on a Phishing Page Disguised as Chrome Download Page
Upon clicking on the first result and heading to google.com on Bing, the user finds himself on a phishing website that pushes malware in the form of a Chrome download page.
The experience has been shared by Gabriel Landau in a tweet:
Brand new Win10 laptop. Attempt to install Chrome. Almost get owned with my very first action. Why is this still happening in 2018, @bing? Please explain. pic.twitter.com/uYJhu7xa9H
— Gabriel Landau (@GabrielLandau) October 25, 2018
Researchers were able to reproduce the issue and found out the malicious scenario doesn’t happen every time. However, sometimes an ad for google.com will show up, an ad that doesn’t lead to the real search engine but to a scammers’ page.
The page is designed to look like a Google Chrome download page which resembles the real one, and it will take the user to googleonline2018(.)com:
The page doesn’t download the desired browser but is pushing a form of malware.
It is important to note that Chrome blocks this site as “deceptive,” but Bing and Edge don’t. It’s also worth mentioning that the deceptive ad doesn’t show up every time on any system. This most likely means that it may be targeted geographically. Researchers were only able to reproduce the deceptive behavior in Microsoft Edge.
It appears that the ad was circling the Web earlier this year, in April, when Microsoft removed it. Several months later, and the ad is back in an identical form. The current status of the ad is that it has once again been removed by Microsoft. The company, however, hasn’t provided any explanation as to why the ad appeared to be served from google.com. It’s also unclear whether the general issue has been entirely fixed, which means that such behavior may be seen again in the future.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me:
100% true. this is happening with my system right now.