Tuesday, November 12, 2024
Homecyber securityGoogle Chrome Warns of Malicious Files While Downloading

Google Chrome Warns of Malicious Files While Downloading

Published on

Malware protection

Google Chrome has introduced a revamped download experience with comprehensive warnings about potentially malicious files.

This update is part of Chrome’s ongoing effort to keep users secure while interacting with downloaded content.

Last year, Google Chrome unveiled a redesigned downloads interface on desktops, designed to make it easier for users to manage their recent downloads. This new interface offers a more flexible and spacious UI and provides a platform for enhanced security features.

- Advertisement - SIEM as a Service

The redesign allows Chrome to deliver more detailed and nuanced warning messages, helping users make informed decisions about their downloads.

Adding Context and Consistency to Download Warnings

According to the Google blog reports, With the additional space in the new downloads UI, Chrome has replaced its previous warning messages with more detailed ones.

These messages now offer better context about the nature of the threat, enabling users to understand the risks more clearly.

Our legacy, space-constrained warning vs. our redesigned one. The warnings are part of a two-tier system based on AI-powered malware verdicts from Google Safe Browsing:

  • Suspicious Files: These carry a lower confidence verdict and an unknown risk of user harm.
  • Dangerous Files: These have a high confidence verdict and a high risk of user harm.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

The two types of warnings are differentiated by iconography, color, and text, making it easier for users to quickly assess the threat level and decide on the appropriate action.

Differentiation between suspicious and dangerous warnings

Protecting More Downloads with Automatic Deep Scans

For users who have opted into the Enhanced Protection mode of Safe Browsing in Chrome, there is an additional layer of security.

These users are prompted to send the contents of suspicious files to Safe Browsing for deep scanning before opening the file.

This process has proven highly effective, catching new malware and dangerous files that Safe Browsing has not previously encountered. Files sent for deep scanning are over 50 times more likely to be flagged as malware than the average download.

An automatic deep scan resulting in a warning

To streamline this process and reduce user friction, Chrome performs automatic deep scans for Enhanced Protection users rather than prompting each time.

Staying Ahead of Attackers Who Hide in Encrypted Archives

A current trend among attackers is distributing malware in encrypted archives, such as .zip, .7z, or .rar files, which are protected by passwords. This method hides the file contents from Safe Browsing and other antivirus detection scans.

Enter a file password to send an encrypted file for a malware scan

To counter this, Chrome has introduced two protection mechanisms based on the user’s Safe Browsing mode:

  • Enhanced Protection Mode: Users are prompted to enter the file’s password and send it along with the file to Safe Browsing for a deep scan. The uploaded files and passwords are deleted shortly after scanning.
  • Standard Protection Mode: Users are still prompted to enter the file’s password, but in this case, both the file and the password remain on the local device. Safe Browsing checks only the metadata of the archive contents.

Collaborating for Better Security

The Chrome Security team collaborates closely with Google Safe Browsing, Google’s Threat Analysis Group, and security researchers worldwide.

This collaboration helps Chrome stay ahead of attackers by continuously adapting its product strategy based on the latest insights into attack techniques.

Google Chrome’s new download warnings and enhanced security measures represent a significant step in protecting users from malicious files.

By providing more detailed warnings and leveraging AI-powered malware detection, Chrome is helping users make safer choices and stay protected online.

As attackers continue to evolve their methods, Chrome remains committed to enhancing its security features and keeping users safe.  By incorporating these advanced security measures, Google Chrome sets a new standard for user safety in the digital age.

Stay tuned for more updates as Chrome continues to innovate and improve its security protocols.

Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

10 Best DNS Management Tools – 2025

Best DNS Management Tools play a crucial role in efficiently managing domain names and...

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS...

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting...