Black Bear MSSP Blog Spot

New Browser Hijacker

Written by Michael Cullen | Nov 1, 2024 4:42:45 PM

There's a new browser hijack threat!

From the Desk of Black Bear MSSP

Beware of Annoying Malware that Tricks You into Giving Up Login Details

When it comes to online security, you and your team likely know the basics: avoid phishing scams, steer clear of suspicious downloads, and don’t click on unknown links. But a new type of malware takes a sneakier approach, aiming to frustrate you into handing over your Google login details.

This malware, part of a larger threat family called Amadey, has been on the rise since August and uses a trick called "kiosk mode." Typically, kiosk mode restricts a computer to only one window, often in full-screen mode—a feature usually intended for public-use devices. In this case, the malware locks your browser in full screen, hiding navigation buttons, the address bar, and menus. Then, it redirects you to a fake Google password reset page.

Your first instinct would be to press Esc or F11 to exit full screen. But once the computer is infected, these keys won’t work. The malware is designed to make you think that entering your login details is the only way out, tricking you into typing your password on a bogus page.

Once you enter your credentials, a second malware component running in the background captures and sends them straight to cybercriminals. It’s a clever but unnerving tactic.

How to Get Out of the Trap

If you find your browser stuck in full screen and suspect malware, here’s what you can do to escape:

  • Try pressing ALT+TAB to switch tasks.
  • Use ALT+F4 to force close the browser window.
  • Open your Task Manager with CTRL+ALT+DELETE and close the browser process from there.

If these steps don’t work, restart your computer by holding the power button. Then, have an expert assess and remove the malware.

Preventing Future Infections

The best defense against malware is to stay vigilant. Be cautious if your computer starts behaving oddly, especially if your browser unexpectedly enters full-screen mode without a clear reason. Avoid clicking on unfamiliar links or downloading attachments from unknown sources. Most importantly, never enter login credentials unless you’re absolutely certain of the site’s legitimacy.
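Teams that collect process-creation logs can also flag the kiosk-mode launch described above automatically. The following is an added example, not part of the original post: it relies on the documented `--kiosk` switch of Chromium-based browsers, and the event field names, hostnames, parent allowlist and sample events are constructed assumptions.

```python
import ntpath
import re
from urllib.parse import urlparse

BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe"}
# Assumed allowlist: parents that normally start a browser for a user.
EXPECTED_PARENTS = {"explorer.exe"} | BROWSERS

# Constructed process-creation events (field names are hypothetical).
SAMPLE_EVENTS = [
    {"host": "WS-01", "parent": r"C:\Windows\explorer.exe",
     "cmdline": r'"C:\Program Files\Google\Chrome\Application\chrome.exe" https://intranet.example/'},
    {"host": "LOBBY-02", "parent": r"C:\Windows\explorer.exe",
     "cmdline": r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://signin.example/visitors'},
    {"host": "WS-07", "parent": r"C:\Users\pat\AppData\Local\Temp\updater.exe",
     "cmdline": r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk https://accounts.example/reset'},
    {"host": "WS-09", "parent": r"C:\Windows\explorer.exe",
     "cmdline": r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk-printing https://intranet.example/'},
]

def tokens(cmdline):
    """Split a Windows command line into arguments, honouring double quotes."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmdline)]

def check_event(ev):
    """Return a finding for a browser started in kiosk mode, else None."""
    args = tokens(ev["cmdline"])
    if not args or ntpath.basename(args[0]).lower() not in BROWSERS:
        return None
    # Exact match only, so unrelated switches such as --kiosk-printing are ignored.
    if "--kiosk" not in (a.lower() for a in args[1:]):
        return None
    urls = [a for a in args[1:] if a.lower().startswith(("http://", "https://"))]
    parent = ntpath.basename(ev["parent"]).lower()
    return {
        "host": ev["host"],
        "parent": parent,
        "target": urlparse(urls[0]).hostname if urls else None,
        # A kiosk launch from the shell may be legitimate signage; any other parent is unusual.
        "severity": "medium" if parent in EXPECTED_PARENTS else "high",
    }

def scan(events):
    """Run the check over a list of events and keep only the findings."""
    return [f for f in map(check_event, events) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```

On a fleet with genuine kiosk devices, expect the medium findings to be routine and tune the parent allowlist to your own software deployment tooling.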

If you’d like a professional team to help your organization stay ahead of these evolving threats, get in touch. We can train your staff on the latest scams and security practices to keep your data safe.