Tech-support scammers have developed a new trick to freeze browsers on a bogus security alert with a number to a fake support line.
The ultimate goal of the browser freeze is to cause stress to lots of potential victims in the hope some will call the bogus hotline offered in the alert.
Previously, tech-support scams have used pop-under windows, pop-up loops and other shady techniques that aim to prevent users from closing the bogus security alert page.
Scammers frequently use malicious ads to nudge browser users to booby-trapped webpages that freeze the browser.
A new technique found by researchers at Malwarebytes targets the current version of Chrome, 64.0.3282.140, on Windows.
This scam works by instructing the browser to rapidly download thousands of files from the web, which quickly results in Chrome becoming unresponsive and makes it impossible to close tabs or the window by clicking the X button.
Malwarebytes’ Jerome Segura explains that the booby-trapped pages in this case include code that abuses a web application programming interface for saving files from the web on the browser.
The code is set to download ‘blob’ objects at half-second intervals, leading to a huge number of concurrent downloads that causes the browser to freeze and a large spike in CPU and memory usage.
Segura contends that given most of these browser lockers reach users via malvertizing, one effective method of countering the threat is to use an ad-blocker.
He also notes that people who have landed on one of these pages can escape them by going to the Windows Task Manager and force quitting the offending browser processes.
Chrome is often targeted because of its huge number of users, making it ideal for indiscriminate and widespread attacks that are usually delivered by malicious ads.
Previous and related coverage
Google Chrome: Beware these malicious extensions that record everything you do
Developers of malicious extensions are testing new session-replay technique to record and replay victims’ online sessions.
Google Chrome can now spot even brand new phishing pages
Google has rolled out two new tools to combat phishing, and upped Gmail security.
Google: Chrome is backing away from public key pinning, and here’s why
Google wrote the HTTP public key pinning standard but now considers the web security measure harmful.