Google Chrome is facing a serious security threat. Two separate vulnerabilities, or flaws, in the browser, are being actively exploited by attackers. The U.S. government has responded quickly by ordering all federal employees to update their browsers within 21 days. Microsoft, which found and disclosed one of these flaws has gone even further. The company recommends that users consider switching to a different browser.
Details of the Two Exploits and Ongoing Attacks
On August 21, Google released an urgent update for Chrome. This update fixed several vulnerabilities, including one known as CVE-2024-7971, which was already being exploited. However, by August 26, Google had updated its warning to include a second flaw, CVE-2024-7965. Both vulnerabilities are now being actively attacked by hackers. In response, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added these two threats to its Known Exploited Vulnerability (KEV) catalogue. CISA has mandated that all federal employees update their Chrome browsers by mid-September to protect against these threats.
Microsoft’s security team discovered the first of these two vulnerabilities. The company recently released a report linking the attacks to crypto thefts. Microsoft states that these attacks are likely being carried out by a North Korean threat group called Citrine Sleet. The company believes this group is behind the CVE-2024-7971 attacks, targeting financial institutions and individuals managing cryptocurrencies. According to Microsoft, Citrine Sleet uses fake websites that look like legitimate cryptocurrency trading platforms to trick people. These sites distribute fake job applications or lure people into downloading fake cryptocurrency wallets or trading apps that are malware.
Microsoft’s Strong Recommendation to Switch Browsers
Microsoft has stressed the importance of keeping all browsers, including Chrome and Edge, up to date. However, Microsoft also says that to fully protect against these types of threats, users need more than just updated software. It emphasizes the need for security solutions that provide “unified visibility across the cyberattack chain.” In its advisory, Microsoft recommends using Microsoft Edge or other browsers that support Microsoft Defender SmartScreen. This tool helps identify and block malicious websites, such as phishing sites, scam sites, and sites that host malware.
Microsoft clearly believes that Edge is more secure than Chrome and offers better protection against malware. This recommendation has stirred some controversy because Microsoft has a vested interest in promoting its browser, Edge, over its competitor, Chrome. Microsoft has also faced criticism for its aggressive advertising of Edge, especially on new Windows installations where Chrome is the default browser.
While Microsoft argues that Edge has better malware protection than Chrome, some see this as a self-serving recommendation. Critics note that Microsoft’s push for users to switch from Chrome to Edge comes at a time when Chrome is getting negative attention due to the vulnerabilities disclosed by Microsoft. Currently, Chrome remains the most popular browser, with over four times the number of users compared to Edge worldwide.
Google’s Response and the Role of Safe Browsing
Google has been working hard to enhance Chrome’s security features. The company’s Safe Browsing feature is designed to protect users from malicious websites. Previously, Safe Browsing used a list stored on a user’s device to check if a site or file was dangerous, with updates every 30 to 60 minutes. However, Google found that the average malicious site exists for less than 10 minutes. To improve security, Safe Browsing now checks sites against Google’s server-side list of known bad sites in real-time. Google claims this new approach will block 25% more phishing attempts.
Gizchina News of the week
Despite Microsoft’s push for users to switch to Edge, Google remains confident in Chrome’s popularity and resilience. However, Microsoft’s latest recommendation to consider other browsers highlights a different approach to security. Microsoft focuses on blocking the source of phishing attacks, arguing that Edge, with its integration with Microsoft Defender SmartScreen, is better equipped to handle these threats.
About the Attacks and Citrine Sleet’s Tactics
The threat actor behind these attacks, Citrine Sleet, has likely ties to North Korea’s state-sponsored cyber capabilities. North Korea has a well-documented history of focusing on cryptocurrency hacking to fund its regime. This group’s activities should be taken seriously, as their tactics can quickly expand beyond theft to include ransomware or even espionage.
Citrine Sleet creates fake websites that look like genuine cryptocurrency trading platforms. These sites trick users into downloading harmful software. Once on a victim’s device, the software can steal cryptocurrency, sensitive data, or even gain control over financial accounts. The group uses sophisticated phishing techniques, such as fake job applications or offers, to lure in victims. Microsoft’s warning indicates that the group is actively exploiting Chrome’s vulnerabilities to target financial institutions and cryptocurrency managers.
Should You Switch from Chrome to Edge?
Microsoft’s recommendation to switch from Chrome to Edge has raised eyebrows. Microsoft argues that Edge provides better protection against malware and phishing attacks than Chrome, thanks to features like Microsoft Defender SmartScreen. This feature automatically checks websites for malicious content and blocks access to harmful sites.
While Edge may offer additional security features, it’s important to recognize that the current threat impacts both Chrome and Edge. Users should ensure they update their browsers regularly, no matter which one they use. Staying updated is one of the best ways to protect against the latest threats.
Google has responded to Microsoft’s claims by improving its Safe Browsing feature, which now checks websites in real-time against a list of known malicious sites. While this does help enhance Chrome’s security, the ongoing competition between the two tech giants means both browsers will continue to evolve in their fight against cyber threats.
Why It’s Important to Stay Updated
The current threats from Citrine Sleet highlight the importance of keeping software updated. Outdated software often has security holes that can be exploited by hackers. For example, the vulnerabilities in Chrome were actively exploited because users had not yet applied the latest patches.
For those concerned about online safety, switching browsers may seem like a good idea, but it is not a complete solution. Both Chrome and Edge have their strengths and weaknesses, and cybercriminals target all popular platforms. The key takeaway is to stay updated, remain aware of potential threats, and use security tools that help identify and block attacks.
Conclusion: Protecting Yourself Online
The attacks on Chrome serve as a reminder of the constant threats in the digital world. While Microsoft suggests using Edge for its added security features, the choice of browser is ultimately up to the user. The critical step is to ensure that the browser is up to date.
Users should remain vigilant and consider additional security tools to protect against phishing and malware attacks. Whether using Chrome, Edge, or another browser, keeping software updated and staying informed about potential threats is the best way to stay safe online.
This recent incident also highlights the ongoing battle between tech giants like Google and Microsoft, each striving to prove that their browser is the best. Regardless of which side you choose, always prioritize security.
