A new malware is tricking users to give away their Google account passwords by locking their browser in kiosk mode until they are forced to log in.
This attack, while simple, is highly effective by exploiting user frustration rather than relying solely on sophisticated technology.
The Technique: Annoyance in Kiosk Mode
StealC’s strategy traps users in Chrome’s kiosk mode, a full-screen mode designed for public or limited-use terminals. Victims are then presented with a Google login screen that looks perfectly legitimate.
What makes the attack effective is that it blocks typical ways to exit kiosk mode, such as pressing F11 or ESC keys. Users who are not tech-savvy may feel trapped, with the only apparent option being to enter their Google account credentials.
Protecting Yourself from These Attacks
Although StealC blocks standard exit methods from Chrome’s kiosk mode, there are still ways to escape:
– Alt + F4: Attempts to close the current window.
– Ctrl + Shift + Esc: Opens the Task Manager, allowing you to force-close Chrome.
– Ctrl + Alt + Delete: Provides access to system shutdown or restart options.
– Alt + Tab: Cycles through open applications to exit the locked screen.
– Win + R: Opens the command prompt to issue commands like `taskkill /IM chrome.exe /F`, which shuts down Chrome.
If all else fails, you can perform a power button shutdown. On reboot, enter Safe Mode and perform a malware scan to remove any lingering threats.
Next Steps
To learn more about how to recognize common threats to your network, contact us at OptfinITy by calling 703-790-0400 or send an email to sales@optfinITy.com today.
Leave a Reply