Warning: Convincing Chrome 'Font Update' a Trojan
Chrome browser users have been warned to watch out for a sneaky malware attack. The trick involves a bogus on-screen message that claims the user needs to download a missing font.
The people responsible are using hacked websites on the WordPress platform to operate the scam. They've altered the page so that the text appears to have been corrupted and is made up largely of symbols such as black diamonds and question marks.
The page then displays an on-screen message that's carefully designed to look like a genuine Chrome error message, complete with the correct logos, shapes and even the right shade of blue.
HoeflerText Listed As Missing
According to the message, the web page is displayed incorrectly because the "HoeflerText" font is missing. It says the user needs to update the "Chrome Font Pack." Clicking on the update button actually downloads an executable file and if the user opens this file, malware is installed on their computer.
Examples of the fake error message are as follows (click the links): the "HoeflerText font wasn't found" page and the fake error window - full credit goes to Mahmoud Al-Qudsi of Neosmart.net for the images.
Exactly what that malware is appears to vary from case to case. In some incidents it is adware, which uses the computer's connection to make bogus 'clicks' on online ads to try and boost online ad revenue for the authors responsible for the malware. In others, it appears to be ransomware that can encrypt the user's files until they pay a fee to unlock them.
According to security writer Mahmoud Al-Qudsi, the malware won't necessarily get caught because it is too new to be on the blacklists of some major security software. The good news is that Chrome itself will give a warning that the "file is not downloaded often" and therefore might be suspicious. According to the author of the article, he has submitted the infected .EXE file to Chrome's Security Team for further investigation. (Source: neosmart.net)
Font Update Unnecessary
There's also a mismatch between the filename listed on the on-screen prompts (Chrome_Font.exe") and the name of the file that actually downloads ("Chrome Font v7.5.1.exe") though it's unlikely most people would spot this. (Source: thenextweb.com)
While the message looks plausible, in reality there is no update mechanism for a "Chrome Font Pack." The way the web browser works is to analyze the content and organization of a page (such as the actual words used and its layout) and then display it on the screen. If a browser is unable to display the specific font preferred by the website designed, it will use the best available alternative.
What's Your Opinion?
Have you come across this erroneous "error message?" Would you have fallen for it if you didn't know about the scam? Could browser makers do more to prevent such scams?
Infopackets Top Windows 10 FAQs
How to Upgrade from Windows 10 32-bit to 64-bit
How to Fix: Windows 10 Antivirus Missing, Not Compatible
How to Fix: Windows 10 Display Shifted; Screen Fuzzy
How to Upgrade Windows 7, 8 32-bit to Windows 10 64-bit
to Downgrade from Windows 10
- How to Fix: Windows 10 Upgrade Failed Error C1900208
- How to Fix: Windows 10 Upgrade Failed Error 80240020
- Can I Cancel my Windows 10 Reservation and Reserve Later?
- How to Clean Install Windows 10 using Windows 7, 8 License
- Will Windows 10 Install Automatically?
- Windows 10 Upgrade: Do I have to Reinstall Programs?
- Windows 10 Upgrade: Can I choose 32-bit or 64-bit?
- Which Version of Windows 10 Will I Get (Home or Pro)?
- How to Reserve Windows 10 Upgrade (Free)
- How to Fix: CPU Not Compatible with Windows 10 Error
- Windows 10 Upgrade: Can I keep my Old Windows Install?
- How to Cancel Windows 10 Reservation (Properly)
- Download Windows 10 .ISO (DVD) for Clean Install?
- Microsoft: Windows 10 Will Be The Last Version
- Does Windows 10 require the CPU to support PAE?
- Windows 10: Can I Upgrade or do I need a Clean Install?
Click here for more Windows 10 articles.