Barracuda Networks warns of exploit kits planted on malicious websites, which are disguised as a Fake Google Chrome browser update.

QUOTE: Exploit kits are pre-packaged sets of malicious code that scammers install on websites.  The scammers try to steer visitors to the URL of the exploit kit so that their code can attack your web browser and ultimately install malware on your computer. Exploit kit URLs are often distributed via spammed messages with enticing HTML links in them.

The most frightening thing about these kits is that a click on one of these links can cause malware to be downloaded and run without any indication that anything is happening. But sometimes the target computer isn’t easy to attack, and the scammers have to fall back on their social engineering skills to get what they want. We recently saw this at Barracuda Labs when we followed a spam link to an exploit kit that behaved quite differently than usual when it detected the Google Chrome browser.

These are a favorite of spammers and should always be considered suspicious. In this case all of the links point to a hacked website hosting a Blackhole exploit kit. Following the link with Internet Explorer gave us a typical chain of events – malicious javascript set up a PDF exploit resulting in a Zeus download.  But when we followed the same link with the Google Chrome browser, the kit shifted gears. Since Chrome uses it’s own internal PDF engine that is not as vulnerable, a different attack was presented in the form of a fake Chrome update page.