Security researchers claim cybercriminals are getting more aggressive in an attempt to target computer users. The researchers reveal they have discovered a new hacking vector for Google Chrome browser that prompts users to download a ‘Missing font’ and then tricks them into installing malware on their systems.
Giving more details about this new mode of attack, researchers said that hackers can inject script into poorly-protected web pages. The script, which targets the Chrome browser on Windows can rewrite the compromised website on the victim’s browser to make the page unreadable and creates a fake issue for the user to resolve.
Font Wasn’t Found Google Chrome malware scam
The incident came to light when Mahmoud Al-Qudsi, a researcher while browsing an unnamed WordPress website noticed it was already compromised.
He wrote,
Today while browsing a (compromised) WordPress site that shall remain unnamed, I came across a very interesting “hack” that was pulled off with a bit more finesse than most of the drive-by-infection attempts. This one relies on using JavaScript to change the text rendering, causing it to resemble misencoded text with symbols and rubbish in place of the content, then prompts the user to update “Chrome’s language pack” to fix the problem.
Unlike other attacks, what makes this one so special is the ingenious hacking vector employed for the purpose. It makes the attack very well-disguised. In addition to the credible premise of ‘missing font,’ the dialog window is formatted to such an extent that it accurately resembles an actual Chrome pop-up. Besides, it depicts the correct logo as well as the correct shade of update button.
Apart from the vector used what is worth noticing here the degree of social engineering involved in the scam. Threat actors instead of issuing threats are luring users into loading the malware themselves, reports Neosmart.