October 29, 2018 at
According to multiple new reports, Windows 10 owners are supposedly in danger of infecting their devices with malware if they attempt to download Google Chrome via Microsoft Edge. The complaints of multiple users indicate that Bing is returning search results that often contain different forms of malware, including adware.
— Gabriel Landau (@GabrielLandau) October 25, 2018
For a long time, there was a joke surrounding Internet Explorer, and now Microsoft Edge, that the only purpose for this web browsers is to download Chrome or Mozilla. However, the situation quickly took a turn for the worse, as many uncareful users actually got more than they wanted by doing so.
Bing search results retrieving malicious pages
In a video recently posted by a Twitter user, Gabriel Landau, Landau shows how a search for Google Chrome via Bing in Microsoft Edge brought him to what seems like an official Google Chrome download page. However, this is only true at first glance, and closer inspection shows that the page’s URL is not google.com, but googleonline2018.com.
While the fake page is not exactly the same as the real one, it looks real enough for unsuspecting users to fall for the trap. Clicking on the download button will even start downloading a file called ChromeSetup.exe. However, after inspecting the file’s properties, it is immediately clear that the digital signature belongs to a company other than Google.
The company’s name is Alpha Criteria, and the file is almost certain to be infested with malicious content. Furthermore, Google Chrome has marked the fake website as deceptive, which is why only using Bing can lead users to this page. Additionally, while Bing managed to spread to multiple systems, this page can only appear if this specific search engine is used in Microsoft Edge.
Considering all of this, it becomes evident that Bing is not checking the search results’ URLs. Because of that, fake pages can often trick users into believing that they are legitimate, and infect their devices with malware. The worst part is that this issue was already reported back in April, but despite this, it is still around today.
According to Microsoft spokesperson, the fake website was removed from Bing following the report. In addition, the account associated with this page and content was banned. But, there is still an issue of why Bing marked this ad as if it came from google.com. For a lot of users, this issue is far from resolved, as they have no assurance that a similar ad will not make an appearance again after several months.
While this is not an incident of huge proportions, it still serves as a reminder that the web is very much filled with dangers on every step. Because of this, users should always remain careful when it comes to downloading content or even clicking on seemingly innocent web pages. It appears that not even the ad system can ensure that users will end up on a legitimate website, so constant vigil remains the only defense against malware infiltration.