Jump to content

New Chrome Malware Is The “Snipe Hunt” Of Scams


tao

Recommended Posts

Imaginary font message fools the unwary…

 

There’s a new Google Chrome malware scam making the rounds, one that alerts users to a dangerous situation: the “HoeflerText font” cannot be found. Fortunately, there’s a handy update button in the popup box to help remedy this imaginary problem. Clicking the update button installs a trojan or even the Spora ransomware.

 

It works by inserting Java script into websites with vulnerable security flaws, something that you don’t have any way of knowing. All you know is the website you’re trying to access is nothing but gibberish (hence, the font can’t be found) and you click the update, hoping to read the website.

 

Think of it as being the ‘snipe hunt’ of scams… Snipe hunts are a lot of fun, well, for everyone except the victim. If you’ve never been invited along on one of these late-night (usually alcohol-fuelled) expeditions, it works like this: you bring an unsuspecting friend out into the woods. You give him a giant stick and a sack to put the snipe in, then teach him the very specific and idiotic snipe call. After leaving him to his serious work, you try not to laugh as you record him yelping and flailing his arms, in an attempt to lure an imaginary animal closer. There are bonus points involved if you manage to also frighten him in the darkened forest.

 

Fortunately, there are a few ways to avoid it. Even if you don’t know that you’re not actually missing your HoeflerText capabilities, TheHackerNews has pinpointed these identifiers:

 

  • “First of all, the dialog window has been hard-coded to show that you are running Chrome version 53 even if you actually aren’t, which might be a clue that something is not right.”
  • “Secondly, there’s an issue with the filenames: Clicking the ‘Update’ button proceeds to download an executable file titled ‘Chrome Font v7.5.1.exe.’ But this file is not the one shown in the malicious instruction image, which reads ‘Chrome_Font.exe.'”
  • “Chrome browser doesn’t flag the file as malware, but the browser does block it because the file is not downloaded too often, which is a standard warning.”

 

Remember, Chrome is already complete for operation, meaning there’s no need to fall for an update to add on additional fonts. Even if a future variation on this doesn’t specifically mention “HoeflerText,” if you’re directed to add the “Chrome font pack,” it’s a scam.

 

Here  >

 

 

 

Link to comment
Share on other sites


  • Replies 3
  • Views 381
  • Created
  • Last Reply
9 hours ago, adi said:

Imaginary font message fools the unwary…

 

The problem with articles like this is that geeks see and read them but geeks are the same people who would never fall for this to start with.  Unfortunately the majority of chrome users aren't geeks and would gladly install Chrome's Font Pack thinking it was just a Chrome update.  The fact that the browser warns you that the file isn't downloaded often doesn't mean anything to most users except maybe they are the first to get the update.  Trying to think like a normal user and not a geek is something security officers have been trying to do for years in order to protect their users and something that is very difficult to do as has been proven time and time again.  Just about the time you think 'no user would ever do that' one does.

Link to comment
Share on other sites


27 minutes ago, David said:

its an important notice... if you want people to read copy this to facebook :)

(Not being a social-media fan and not a member, hence; and) Being a member only of this forum; perhaps a Facebook account holder could do what you suggest, David.  Thanks.  :D

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...