• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 23rd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

Chrome Users Beware- Do Not Fall Prey to Missing Font Malware Campaign

February 22nd, 2017 Waqas Malware, Security 0 comments
Chrome Users Beware- Do Not Fall Prey to Missing Font Malware Campaign
Share on FacebookShare on Twitter

Chrome has remained the eye-candy of cyber-criminals lately and the latest hacking campaign is a clear proof of that. NeoSmart Technologies, a renowned cyber-security firm, has identified the presence of a new hacking campaign using JavaScript to manipulate the text on a compromised WordPress website. This way, the malicious code is disguised and as the victims try to modify the text, the malware gets installed on the computer.

More: Fake Chrome Update Leads to Android Malware Stealing Personal Data

This screenshot shows the hacking tactics of the attackers:

Image Source: NeoSmart

According to their research, Chrome users are mainly being lured to download a missing font. However, this is just a trick and the actual purpose is to get the malware installed on their systems. This campaign was identified by NeoSmart Tech while exploring a WordPress website, which was seemingly compromised as all the text on the site appeared to be mixed-up and then the site’s visitors were prompted to install a missing font to fix the issue. To do this, the victim will have to update the Chrome font pack.

It does seem like a pretty decent trick to lure users into downloading malware primarily because the dialog window that appears to request users for installing the missing font has been designed like the genuine Chrome message window containing the same shade of blue color on the Update button and the logo on one side. However, no ploy can be fool-proof and in this particular case as well there are certain loopholes.

Firstly, the dialog window states that the victim is using Chrome version 53 even if it is not true. Furthermore, when you click on the Update button, it will proceed to ChromeFontv7.5.1.exe, which is an executable file. The name of the file is different from the one mentioned in the dialog box and promised to be downloaded, which is Chrome_Font.exe.

Image Source: NeoSmart

[fullsquaread][/fullsquaread]

More: Facebook ‘Comment Tagging Malware’ Spreading via Google Chrome

The file has been blocked by Chrome and users are also being warned by the browser as they are being advised to ignore the file completely. On the other hand, a VirusTotal scan has revealed that out of the 59 antivirus scanners, 9 have identified the file as a potentially threatening malware. It must be noted that there is no need to update Chrome’s font pack at all as there is no issue with it and in case you visit a site showing similar update pop up you know what to do. 😎

  • Tags
  • Chrome
  • hacking
  • internet
  • Malware
  • Privacy
  • security
  • Wordpress
Facebook Twitter LinkedIn Pinterest
Previous article BugDrop Malware Campaign Obtains Data by Compromising PC Microphones
Next article How to Install TOR on Android and iOS Devices
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Hacked Android phones mimicked connected TV products for fake ad views

Hacked Android phones mimicked connected TV products for fake ad views

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Play Store apps plagued with malware have 700,000 downloads

Play Store apps plagued with malware have 700,000 downloads

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Hacked Android phones mimicked connected TV products for fake ad views
Cyber Crime

Hacked Android phones mimicked connected TV products for fake ad views

Signal CEO hacks Cellebrite cellphone hacking, cracking tool
Hacking News

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Play Store apps plagued with malware have 700,000 downloads
Security

Play Store apps plagued with malware have 700,000 downloads

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us