An annoying new kind of malware locks your browser to steal Google login details

Cybersecurity researchers have recently spotted a new piece of malware that steals people’s Google login credentials by boring them into submission.

It is an unusual tactic, with no clear statistics about its effectiveness. In any case, the malware does not have a specific name, but is part of the Amadey malware loader. It was discovered by cybersecurity researchers from OALABS, who claim the campaign has been active since late August this year.

Besides the unnamed malware (coming in the form of a AutoIt script), the loader also deploys the StealC infostealer, which is used later in the attack.

Multiple workarounds

When the malware infects a device, it brings up its browser in kiosk mode – a feature that allows the browser to run in full-screen mode without any user interface elements like address bars, toolbars, or menus. It’s typically used in public or restricted environments (think – kiosks), where users need access to a limited set of functionalities, such as accessing a specific website or web application without the ability to navigate elsewhere.

It then forces the browser to visit a page where users go to reset their Google password. That page first requires the user to enter their old password which, during the process, is grabbed by the StealC infostealer and relayed to the attackers.

Besides opening the browser in kiosk mode and preventing victims from accessing the navigation bar, the malware also disables the Escape and F11 keys. That way, computer users who aren’t that tech-savvy will think the only way to move past the Google screen is to type in their login credentials.

That is obviously not the case, and the browser can easily be circumvented with ALT+TAB, CTRL+ALT+DEL, ALT+F4, and many other keyboard shortcuts. Alternatively, holding down the power button (or unplugging the device, in case it’s a PC) will reset it. All of these alternatives are better than giving away your login credentials to crooks.

Via BleepingComputer

More from TechRadar Pro

https://cdn.mos.cms.futurecdn.net/S2k99RTyJJhGbDwQRHUsyg-1200-80.jpg

Source link

Storm vs Panthers: live streams 2024 NRL Grand Final

Brighton vs Tottenham live stream: Premier League 2024/25

Look De Vega and Sosie start as favorites at Longchamp Racecourse. Here’s how to watch a Prix de l’Arc de Triomphe live stream from...

Apple Intelligence’s release date is almost here – why it’s a bigger deal than you think

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

People are driving through flames to escape this California wildfire

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

‘Heathers’ is still the best dark comedy about high school hell

Trump vs. Harris: How the election will affect EV adoption

Lumwana’s Super Pit Expansion Officially Launched By Investing.com

How Biden could use a 1947 law to suspend the dockworkers’ strike

Why your Roth IRA conversions could have ‘unintended’ tax consequences

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

An annoying new kind of malware locks your browser to steal Google login details

Storm vs Panthers: live streams 2024 NRL Grand Final

Brighton vs Tottenham live stream: Premier League 2024/25

Look De Vega and Sosie start as favorites at Longchamp Racecourse. Here’s how to watch a Prix de l’Arc de Triomphe live stream from...

Apple Intelligence’s release date is almost here – why it’s a bigger deal than you think

Leave a reply Cancel reply