Hackers Target Chrome Users to Steal Google Passwords
- Hackers are employing a new technique to force Chrome users to reveal their Google account passwords by locking their browsers in kiosk mode.
- The malware, known as StealC, prevents users from escaping this mode, displaying only a login window for Google accounts.
- This credential-stealing campaign highlights the need for users to be vigilant against such attacks and take necessary precautions.
Recent research has uncovered a sophisticated attack targeting users of the Chrome browser, where hackers utilize a technique that locks the browser in kiosk mode. This method effectively traps users in a full-screen mode, preventing them from using the F11 or ESC keys to escape. The only visible element during this attack is a login window, typically for Google accounts, compelling users to enter their credentials. The malware responsible for this attack, identified as StealC, is deployed once the browser is locked. It captures the entered login details and extracts them from the Chrome credential store, sending the information directly to the attackers. This campaign has been confirmed to have been in operation since at least August 22, indicating a persistent threat to users. In addition to the StealC malware, another threat has been identified involving a variant of the TrickMo banking Trojan. This variant masquerades as the Google Chrome app for Android, further complicating the landscape of online security threats. It requests user permissions and guides users to enable accessibility services, making it harder for victims to recognize the malicious intent. Given the increasing sophistication of these attacks, it is crucial for users to remain vigilant and adopt protective measures against such credential-stealing threats. Awareness and proactive security practices are essential in safeguarding personal information online.