Hackers are not just taking advantage but actively exploiting the Windows launch of the Arc browser to trick users into downloading malware. This is a serious issue that requires immediate attention and caution from all Arc browser users.
Arc, a relatively new internet browser, first launched for macOS in the summer of 2023. Initial feedback from the media and users was optimistic enough to prompt a release for Windows. However, this success has also attracted the attention of hackers.
The malvertising strategy
Unidentified hackers have created websites with typosquatted domains almost identical to the Arc browser’s official website. These hackers also created ads on Google that appeared to lead to the legitimate site. Due to issues within the Google ad network, these ads displayed the official website but redirected users to the typosquatted sites.
If you wanted to install Arc on your Windows device and searched for it on Google, you might find an ad at the top of the search results page. This ad points to a legitimate website but would take you to a malicious site. Here, you would be offered an infected version of the browser’s installer, hosted on MEGA, for download.
The hidden threat
Downloading this installer would install the Arc browser and unleash devastating malware on your device. Initial reports suggest that the malware could be an infostealer, a type of malware designed to collect sensitive information from your device, such as passwords and personal data.
Hackers often exploit significant events and product launches to trick people into downloading malware or giving away sensitive data. This tactic has been seen during the FIFA World Cup, Olympic Games, Chat-GPT launch, Windows 11 launch, and other significant events.
How to protect yourself
Empower yourself against these attacks by always typing the website address directly into your browser instead of relying on search engine results. If you are unsure of the site, take the initiative to be extra cautious and double-check the characters in the address bar before downloading anything. Your proactive approach can significantly reduce the risk of falling victim to these malicious campaigns.
By being vigilant and taking these precautions, you can reduce the risk of victimising these malicious campaigns.
