Tech Support Scammers Freeze Victim Computers

Scammers that pose as tech support staff and provide counterfeit tools have developed a new way to deceive the victim users, this time by abusing a bug in the HTML5 implementation of the major web browsers that causes the computers to freeze.

HTML5 Bug Leveraged By Tech Support Scammers To Freeze Victim Computers

The famous tech support scam scheme has evolved quite a bit as security experts have uncovered a dangerous new tactic that is used against the target victims. Until now one of the most popular ways to gain the user’s trust was by using malicious ads that are popularly installed by browser hijackers or navigated to by redirect links and untrusted sites.

The way this scam works is by tricking the user into thinking that they are infected in a virus. Various malicious ads and aggressive sites use pop-ups and other means to blackmail the user into believing that there is a legitimate threat.

Through the years we have seen all kinds of scenarios used by hackers – impersonating legitimate companies and products or even government agencies.

This time we have spotted something new, malicious web sites that crash the web browsers and then use social engineering tricks on the victims by stating that the problem was due to a virus threat. In fact the problem lies in the rendering engine used by the web browsers which displays the HTML5 code. This works on all popular browsers including Google Chrome, Mozilla Firefox and Safari.

The flaw was identified two years ago, in July 2014, and relies on a code that abuses the history.pushState() method. This injects the coded data into the session history stack.

According to the documentation the browser doesn’t technically crash, rather it just hangs its operation. However the scammers want to make the users think that there is something very wrong with their computer, that they are infected with dangerous viruses (or even ransomware) and that the only solution to their problem lies in downloading or executing a file that they link to. This is the actual malicious code.

In some of the cases that we have observed the hackers also link to other malicious sites which use various tricks to cause the victim systems to hang using other means.

How To Protect Yourself From Tech Support Scammers and Malware

Its best if you use a good anti-spyware solution to protect yourself from such threats as they can be as intrusion vectors for ransomware, browser hijackers and Trojans. You can rely on a trusted software application that has proven itself to remove all dangerous malware. For more information click here.

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.


Related Posts