Annoying browser “download bomb” reappears in Chrome
Last winter, security company Malwarebytes reported a security vulnerability to Chrome that a malicious gang used the “Download Bomb” to block the user’s browser and then induced the user to dial the “technical support phone” on the page for fraud.
After receiving feedback from Malwarebytes, Google released a fix in Chrome 65.0.3325.70. Recently, however, a user replied below the vulnerability report that he was inadvertently redirected to a scam site using Google Chrome 67.0.3396.87, which was released on June 12th, using the “Download Bomb” technology.
Later, other users confirmed his findings that the latest version of Chrome was again affected by the “download bomb”. According to the comments, the Chrome development team has no plans to update Chrome 67 for the time being, and the vulnerability will be fixed in Chrome 68 released later this month.
It’s worth noting that Malwarebytes’ security experts analyzed the malicious technology in February when he pointed out that Firefox and Opera would also be affected, with Microsoft’s Edge and Internet Explorer exceptions.
Browlock freeze seems to be affecting latest version of Google Chrome again (https://t.co/9KIHSlcsws); also on Firefox (https://t.co/Au1vu7eH1B).
Source: https://t.co/wNmghnrHAj pic.twitter.com/z8CROOMIZv
— Jérôme Segura (@jeromesegura) June 22, 2018