"You Are Using an Older Version of Chrome" Trojan – Remove It Fully
THREAT REMOVAL

“You Are Using an Older Version of Chrome” Trojan – Remove It Fully

This article aims to help you remove the “You Are Using an Older Version of Chrome” Trojan notification completely from your web browser and Windows.

A new malware, spreading banking Trojans has been detected to imitate fake flash player or browser update pages. These pages often imitate the legitimate update pages of a browser and they have a button which pretends to fool victims it starts the update, for example “Update Chrome”. The notification is available for each browser and is different for different web browsers. If you see the “You Are Using an Older Version of Chrome” pop-up and have clicked on the “Update Chrome” button, you may want to read the following article, explaining how to remove the Chtonic banking malware from your PC and protect it against such malicious infection sites in the future.

Threat Summary

Name"You Are Using an Older Version of Chrome"
TypeBanking Trojan
Short DescriptionA variant of the Zeus banking malware. Aims to gather and steal financial information from your computer.
SymptomsYour PC may behave in a strange manner and you may be introduced to phishing web pages.
Distribution MethodVia a PUP, causing browser redirects or as a result of visiting a compromised website.
Detection Tool See If Your System Has Been Affected by "You Are Using an Older Version of Chrome"

Download

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss "You Are Using an Older Version of Chrome".

”You Are Using an Older Version of Chrome” – How Does it Infect

The main method of infection this virus does is to be spread via unwanted web pages. Those web pages are usually legitimate websites that have already been compromised. Their primary goal is to intercept the traffic and via an injected JavaScript to redirect to the following web page and similar ones to it:

Once the victim clicks on the Update Chrome button, the malware begins to download various different types of objects on the user PC. And even if you do not click on the “Update” button, the malware may begin to inject a JavaScript which uses Dropbox to force infect your computer without you even noticing this.

”You Are Using an Older Version of Chrome” Virus – Activity

Once this malware has infected your computer, it begins it’s activity in an approximate way to the other FakeUpdates malware campaigns, that have already been responsible for infecting thousands of CMS websites.

The virus starts by running the Chtonic banking malware. This virus is a banking Trojan and it derives from it’s older brother – Zeus banking Trojan.

As the malicious code is downloaded on the victim’s computer, a configuration file is injected into the msiexec.exe process. This results in various different modules that may be dropped on the victim’s computer. These malicious files, also known as modules may be dropped in the following Windows directories:

  • %AppData%
  • %Local%
  • %LocalLow%
  • %Temp%
  • %Roaming%

Once the payload is dropped, the malware may connect to a remote host, which likely belongs to the hackers, controlling it. From there, the Chtonic Trojan has multiple “extras” in it, that can give you a lot of headaches:

  • It can collect information and files saved on your PC.
  • It can enable remote access from far away, turning your PC into a puppet of the hacker.
  • It can steal your passwords, saved on your browser and PC accounts.
  • It can log the keys you type on your keyboard.
  • It can record sound and video, using your microphone and web camera.

Besides these techniques, the Chtonic banking Trojan may also download malware and update itself to remain hidden and undetected by antivirus programs. And if detected, the malware may activate copies of itself, fooling you that your antivirus has removed it, whereas it has only deleted one set of copies of this malware.

The victims of the “You Are Using an Older Version of Chrome” virus have been a lot over time, since this is one of the more complicated viruses. Among them are a Japanese bank, where the malware has succeeded to hide the warnings of the bank’s security system and inject a malicious script, allowing the cyber-criminals to make transactions and steal a lot of money from victims’ accounts.

Another example of infected victim by this virus is a Russian financial institution, where the virus used fake banking web pages to get victims to login, entering their banking information. This resulted in directly stealing data and allowing hackers to perform a massive user-oriented cyber-heist.

In addition to this, the virus is similar to it’s older version as it uses similar encryption techniques and anti-virtual machine defensive techniques. But if we see it again, this is surely a clear sign that the malware is evolving and needs to be dealt with not only from the user’s perspective, but organizations need to implement higher security from their end as well. Until that happens, your best bet if you have visited the “You Are Using an Older Version of Chrome” web page is to act fast and remove this malware immediately after which change your banking credentials to lock any access to your bank account. And do not forget to change all of your passwords after securing your computer, instructions for which you can see if you keep reading this article.

Remove >”You Are Using an Older Version of Chrome” Malware

In order to successfully remove the >”You Are Using an Older Version of Chrome” virus, we advise you to follow the removal instructions that are underneath this article. Their sole purpose is to help you to delete this malware either manually or automatically, based on your malware removal experience. If manual removal makes you unconfident that you will be able to succeed, security researchers always outline to use an advanced anti-malware program to perform the removal process automatically by downloading an advanced anti-malware software. This will effectively help eliminate the “You are Using an Older Version of Chrome” malware from your computer and protect your computer against any future threats and attempts on your PC.

Avatar

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...