Have you accidentally ever got a pop-up telling you to download a missing Chrome font pack.
Don’t ever try to download and install it. It’s a hacking scam.
Attackers are targeting Google Chrome users with this new hacking trick which is easy to fall, promoting users to download a fake Chrome font pack update tricking users into installing malware on their systems.
How The Scam Works:
Security firm NeoSmart Technologies recently identified the malicious campaign while browsing unnamed WordPress website which had been already compromised.
It’s a “The ‘HoeflerText’ font wasn’t found” scam.
A pop-up window appears saying “The ‘HoeflerText’ font wasn’t found, please download and update it, if clicked, it actually installs a trojan on the victim system.
The scam is also used to infect the victim computer with Spora ransomware.
Spora ransomware is one of the most famous ransomware for this type of scam campaign and it has been discovered at the start of this year with a very well-designed ransom payment portal, advanced crypto, and another unique feature of Spora is a real-time chat window where victims can get in contact with ransomware operators.
A user can identify this scam by below methods:
1) It hard-coded to show you that you are running Chrome version 53 even if you are not actually using it, verifying it you will able to know that something is wrong and fishy.
2) The issue with the file name. Clicking update button proceeds to download an executable file named as “Chrome Font v7.5.1.exe.” But the file name is not the one shown in malicious page image which is “Chrome_Font.exe.”
Chrome may give you a standard warning while downloading Chrome Font v7.5.1.exe. even after you fails to recognise it.
Chrome doesn’t flag the file as malware, but the browser does block and gives a standard warning “the file is not downloaded too often”.
Virus total shows only 9 out of 59 antiviruses software identifies the file as a malware, a test done by NeoSmart Technologies.
Chrome have everything preinstalled, so there is no need for any other font pack and never get fell into this type of scam asking you to update your Chrome font pack.
Users are advised not to download any file which looks suspicious on their systems and keep their antivirus up-to-date.
Stay Safe And Stay Updated With Techposts.net