Google Chrome confirms cyber ‘espionage’ attacks from ‘highly sophisticated malware’

It is important to think before clicking on links to avoid potential cybersecurity threats.

After cybersecurity experts identified a surge in malware affecting Chrome users, Google has acknowledged the attacks and announced a security patch that will be included in the latest browser update.

Researchers at Kaspersky discovered a wave of infections caused by sophisticated malware triggered when a target clicked on a phishing link in an email, launching the site in Google Chrome.

No additional action was necessary for the infection to occur, according to the researchers.

The cybersecurity experts swiftly analyzed the exploit code, reverse-engineered its logic, and confirmed that it exploited a zero-day vulnerability in the latest version of Google Chrome, promptly reporting it to Google.

“We have discovered and reported dozens of zero-day exploits actively used in attacks, but this particular exploit is certainly one of the most interesting we’ve encountered,” the researchers admitted.

The malware, identified as “Operation ForumTroll,” appeared to have espionage as its primary goal, targeting media professionals, educational institutions, and government agencies.

While the security flaw will be addressed in the upcoming Chrome update, users are advised to be cautious about clicking on unknown links and to scrutinize emails for safety before interacting with their contents.

The news of this vulnerability comes shortly after Microsoft recommended the use of its Edge browser in light of increased cybersecurity threats.

In a previous incident, Google Chrome users were warned against using several browser extensions that posed security risks. Sixteen malicious browser extensions, including those for ad blocking and emojis, were identified as potential threats for data theft and search engine fraud.