The Download Bomb browser exploit has returned and is disrupting major web browsers. Among those affected are Google Chrome, Mozilla Firefox, and Opera. Yes, they are the main rivals of Microsoft Edge. However, Microsoft’s browser is unaffected and immune to the exploit.
Download Bomb is the name given to an exploit technique that initiates hundreds or even thousands of downloads. The idea is the bomb will freeze the browser on a specific page. Once frozen, users are prompted to call a “Tech Support” to unlock the browser.
It is a simple technique that has been used for years by scammers to trick unwitting users. In terms of these exploits, it is always worth remembering that a vast majority of internet users are not experts or capable of understanding if they are being tricked.
Google said earlier this year it has solved the problem in its Chrome browser, but it seems Download Bomb reports continue. Through the release of Chrome 67, the latest version, the flaw has been reopened. The exploit still also happens on Mozilla’s Firefox and Opera.
While it is likely Google will shut this door eventually, Microsoft Edge is the only game in town amongst big browsers stopping this exploit.
Of course, one reason is not enough to switch to Edge, especially when avoiding this exploit mostly involves staying away from websites that you are unfamiliar with or you do not trust. Conversley, it also does not mean you should avoid Edge, which has improved but still lacks some of Chrome’s abilities.
Avoidance
It is also worth noting that Edge is not without its own security concerns. Which ever browser you choose to use, in terms of this topic the goal should be to avoid a Download Bomb. On Edge you won’t have to worry about, but what if your browser is Chrome, Firefox, or Opera?
Well, if you come across a website that you think may be initiating a Download Bomb, close the tab ASAP. The bomb exploit only works once a page is fully loaded. Still, the best way to avoid the exploit is to carefully monitor which websites you visit and only use locations you trust.
