New research has uncovered a new technique used by hackers to force Chrome users to reveal their Google account passwords, writes Forbes*.
The malware, called StealC, locks the browser in kiosk mode, blocking the F11 and ESC keys to prevent users from exiting. The only thing displayed is a Google account login window, compelling users to enter their credentials out of frustration. This method has been active since at least August 22.
Cybercriminals continually look for new and imaginable ways to manipulate their victims into handing over their credentials and other sensitive information. By pressuring people into believing there is no other option than to enter their username and password in order to be released from the window may sound simplistic, but this is exactly the type of tactic threat actors are looking for to prevail.
Luckily, Ctrl + Alt + Delete still triumphs on Windows machines and can usually get users out of such tricky situations by opening a menu that allows you to close a window or restart/shutdown the system. However, if users believe they may be infected, an anti virus scan would be advisable.
by Jake Moore, ESET
*ESET does not bear any responsibility for the accuracy of this information.
ESET Ireland 