Proofpoint security researchers discovered a new malicious campaign that targets Chrome users running the Windows version of the browser. Find out more about the vulnerability and the criminal intentions of the hackers in our article.
A new Malicious Campaign Sweeps on Google Chrome Users
Experts from Proofpoint security discovered a new dangerous malware campaign. Hackers used the Google Chrome browser running on the Windows operating system to deliver a new attack. This time they are using a clever social engineering trick mixed up with some malicious code.
The hackers used a simple script that substitute HTML tags on a crafted page with these symbols “& # and 0”. The displayed content as a result becomes illegible and turns into blocks of texts of unreadable information. In these cases the users react as if they have rendering and font-related problems.
The criminals add a popup window that informs the victims that their computer “do not support the required font”. To display the contents of the compromised site they are redirected to download and install the additional “font”. This font downloads leads to a malware infection that may include ransomware and other types of viruses.
The criminals have used this tactic to infect not only ordinary static and dynamic sites, but also CMS sites hosted on WordPress and Joomla. A small portion of the infected sites redirect to other malicious sites that are used by exploit kits to host various viruses. According to the analysis the associated victims are carefully selected via a predefined criteria. Only a selected portion of Chrome users running on the Windows platform are compromised.
Why This Selective Google Chrome Malicious Campaign is Effective
Such tricks are very efficient at easily infecting the users. Font rendering and proper character encoding was an issue in the early days of the Internet where the sites didn’t correspond to many of the set standards by the W3C. As such many users were forced to change settings on their browsers or download additional fonts to view certain sites. Nowadays this problem is nearly eradicated. Prompts that require the users to download additional fonts would not come in the manner that is presented by this malicious campaign. However the way the pages are displayed is pretty convincing and it may even deceive experienced computer users.
This is why computer users should use a trusted security solution which can protect against all forms of malware.
SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter