Every time the public starts to get savvy about a digital scam, hackers come up with new methods of trickery. One of the latest in a long stream of cons specifically targets Google Chrome users.
The old tech support scam.
This particular hack is a new take on an older one usually referred to as “malvertising.” This older hack would use infected ads and adware to force the user’s web browser to a site that would install spyware onto the computer.
As part of the older hack, the computer could also be inundated with pop-up ads that overwhelmed the computer to the point that it crashed. This hijacking of the browser is also referred to as “browser locking” where the computer user is encouraged to call a tech support number. Of course, once you call that helpful number to talk to tech support, they may either require you to buy new “anti-virus software” by giving them your credit card number (which they will steal) or else they will state that they will need to take “remote access” of your computer which will give them complete access to your computer’s files.
What is the latest tech support scam?
This new version has been called the “evil cursor” and it attacks the current version of Google Chrome (version 69.0.3497.81). If you are hit by this particular hack, you will find your browser controlled and redirected to ads that contain malware infections.
Currently, this particular hack has been linked to over 16,000 malicious sites. A close examination of the code used shows one major difference from all the other browser-lock hacks, in that this one gives the hacker the ability to hijack your mouse.
Once the user’s mouse is hijacked, the user cannot leave the fraudulent website that the browser has been redirected to. They may click on the close button to shut down the browser entirely, but the mouse will only appear to click on this spot. Instead, an HTML code in the program creates a mouse cursor that is incredibly low-resolution and transparent so that the user cannot actually see it. In this way, the user can be made to click on something else (such as a download) that they don’t want to click on.
One of the biggest cyber hacks researchers are seeing.
Independent researchers have referred to this as one of the biggest hacks they’re currently seeing. The total number of infected computers is unknown, but there seems to be constant activity of this sort that shows that the campaign is thriving.
And the hack is not limited to the original hackers who created the malicious code. It has now made its way to other hacking outfits as well. Adding to the potential harm, Chrome’s security flaw has not been fixed as of yet.
What you can do to protect yourself from a tech support cyber attack.
This only goes to underscore the importance of following Internet safety protocols to keep yourself from being hacked.
– Always make sure you keep your security and anti-malware software updated.
– Do not click on any suspicious links that may redirect you to malware sites.
– And with this particular hack, remember that the infection works through your browser and not through your computer’s operating system.
If you find yourself unable to close your browser with the mouse, use your computer’s force quit option to manually shut down the browser.
Finally, it’s always a good idea to educate yourself and learn not to panic when find yourself the victim of an attack. If you lose your cool, you may not think clearly, which could lead to your being duped by a hacker posing as a helpful “tech support” guy.
INSUREtrust provides information about cyber security so you can better protect yourself and your business from attacks. Do you have questions about how to take your cyber security to the next level? Contact us for a free consultation.