Clever:

A malware campaign uses the unusual method of locking users in their browser’s kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware.

Specifically, the malware “locks” the user’s browser on Google’s login page with no obvious way to close the window, as the malware also blocks the “ESC” and “F11” keyboard keys. The goal is to frustrate the user enough that they enter and save their Google credentials in the browser to “unlock” the computer.

Once credentials are saved, the StealC information-stealing malware steals them from the credential store and sends them back to the attacker.

I’m sure this works often enough to be a useful ploy.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Over 40% of Firms Struggle With Cybersecurity Talent Shortage

February 21, 2024 0 Comments 0 tags

Kaspersky’s recent report said the shortage is particularly acute in Europe, Russia and Latin America

Read More

US Unveils $50M Program to Help Hospitals Patch Cybersecurity Gaps

May 22, 2024 0 Comments 0 tags

The US government UPGRADE program aims to automate vulnerability management in hospital environments, ensuring minimum disruption to services

Read More

Agencies to turn toward ‘skill-based hiring’ for cyber and tech jobs, ONCD says

April 29, 2024 0 Comments 0 tags

Federal agencies by next summer will embrace skill-based hiring — rather than hiring based on degrees or years of experience — for IT jobs that today total nearly 100,000 federal

Read More