Windows
Chrome users: Tech-support scams try new trick to freeze your browser
Get an ad-blocker if you want to dodge tech-support
scammers' latest rapid-download ruse.
Tech-support scammers have developed a new trick to
freeze browsers on a bogus security alert with a number to a fake support line.
The ultimate goal of the browser freeze is to cause
stress to lots of potential victims in the hope some will call the bogus
hotline offered in the alert.
Previously, tech-support scams have used pop-under
windows, pop-up loops, and other shady techniques that aim to prevent users
from closing the bogus security alert page. Scammers frequently use malicious
ads to nudge browser users to booby-trapped webpages that freeze the browser.
A new technique found by researchers at Malwarebytes targets the current
version of Chrome, 64.0.3282.140, on Windows.
This scam works by instructing the browser to
rapidly download thousands of files from the web, which quickly results in
Chrome becoming unresponsive and makes it impossible to close tabs or the window
by clicking the X button.
Malwarebytes' Jerome Segura said that the
booby-trapped pages in this case include code that abuses a web application
programming interface for saving files from the web on the browser.
The code is set to download 'blob' objects at
half-second intervals, leading to a huge number of concurrent downloads that
causes the browser to freeze and a large spike in CPU and memory usage.
The tech-support scam locks up
Chrome with rapid downloads.
Image:
Malwarebytes
Segura contends that given most of these browser
lockers reach users via malvertizing, one effective
method of countering the threat is to use an ad-blocker.
He also notes that people who have landed on one of
these pages can escape them by going to the Windows Task Manager and force
quitting the offending browser processes.
Chrome is often targeted because of its huge number
of users, making it ideal for indiscriminate and widespread attacks that are
usually delivered by malicious ads.