BitDefender warns of a new campaign launched by cyber criminals that is claiming victims among the inexperienced users that happen on the wrong site. The new approach is part of the business of fake antivirus programs and attempts to push users to install malware on your computer. First, the user is directed to a page created just with the intention to look like security warnings that the Mozilla Firefox browser and Google Chrome uses to inform users that they are to display malicious content. The only difference is that the originals of a button Download Update page appears from the fake.

Once the user opened the page, a redirect javaScript triggers the download of an infected file called ff_secure_upd.exe chrome_secure_upd.exe or, depending on the browser for which the page was designed. The so-called "security update" is a fake anti-virus, identified by BitDefender as Gen Variant. Kaze. Web sites identified as part of this scheme have evocative names built around words like Firefox, update and news providers and are registered through domains for free. A quick check of the IP addresses revealed that these websites are Canadians.