Forget the buggy updates that are causing numerous problems for users: Malwarebytes has spotted a fake update package that installs malware on your computer. The firm has identified a new domain that’s full of material on how Meltdown and Spectre affect CPUs.
The website appears to have content from the German Federal Office for Information Security (BSI). However, the website is fraudulent, and it hosts a link to a ZIP archive, which is a piece of malware. The fake file in the archive is Intel-AMD-SecurityPatch-10-1-v1.exe.
If the user downloads the file and attempts to install it, Smoke Loader malware infects the PC. It then downloads more payloads by connecting to various domains and sends encrypted traffic.
The website was also spotted sending phishing emails.
Malwarebytes has already contacted CloudFlare and Comodo regarding this abuse, and the site isn’t resolving anymore. But that doesn’t mean that hackers aren’t trying to exploit such publicized events.
End users are advised to always remain cautious and to download updates only from dependable sources. If you get direct emails or calls from vendors, take them with a grain of salt.