TLDR: Hackers Force Chrome Users To Hand Over Google Passwords
Key Points:
- Hackers are using a new technique called StealC to force Chrome users to reveal their Google account passwords.
- A credential-stealing campaign locks the user’s browser in kiosk mode and displays a fake login window.
Article:
A recent article revealed that hackers are using a devious new technique to force Chrome users to reveal their Google account passwords. This campaign, known as StealC, locks the user’s browser in kiosk mode while displaying a fake login window. The victim is forced to enter their credentials, which the malware then steals.
The attackers leverage the Amadey hacking tool to deploy the StealC malware and a credential flusher. The credential flusher is not a credential stealer itself but forces the victim to enter their login details. Once the details are entered, the malware steals the passwords from the Chrome browser’s credential store.
In addition to the StealC campaign, Chrome users also face another threat from a new variant of a banking Trojan called TrickMo. This variant pretends to be the Google Chrome app for Android and uses various techniques, including HTML overlay attacks, to steal account credentials.
To mitigate these attacks, users are advised to exit kiosk mode using hotkey combos or the Task Manager. Additionally, users should only download Android software from the official Play Store to avoid falling victim to TrickMo.
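As a detection-side complement to the advice above, the following added example (not from the original article) flags Chromium-based browsers started with the `--kiosk` command-line switch in process-creation events. The event field names, the browser and parent allow-lists, and the sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Assumption: Chromium-based browser executables present in the environment.
BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe"}
# Assumption: parents expected to start a browser for an interactive user.
EXPECTED_PARENTS = {"explorer.exe"}

def split_command_line(command_line):
    """Split a Windows command line, keeping quoted segments together."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', command_line)]

def find_kiosk_launches(events):
    """Return one finding per browser process started with --kiosk."""
    findings = []
    for event in events:
        image = ntpath.basename(event["image"]).lower()
        if image not in BROWSERS:
            continue
        args = split_command_line(event["command_line"])[1:]
        flags = {a.split("=", 1)[0].lower() for a in args if a.startswith("--")}
        if "--kiosk" not in flags:
            continue
        parent = ntpath.basename(event["parent_image"]).lower()
        findings.append({
            "image": image,
            "parent": parent,
            "urls": [a for a in args if re.match(r"https?://", a, re.I)],
            # Legitimate kiosk deployments exist; an unexpected parent raises priority.
            "severity": "review" if parent in EXPECTED_PARENTS else "high",
        })
    return findings

# Constructed sample events (not taken from any real incident).
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
EDGE = r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
SAMPLE_EVENTS = [
    {"image": CHROME, "parent_image": r"C:\Windows\explorer.exe",
     "command_line": f'"{CHROME}" https://intranet.example.test/'},
    {"image": CHROME,
     "parent_image": r"C:\Users\alice\AppData\Local\Temp\updater.exe",
     "command_line": f'"{CHROME}" --kiosk https://login.example.test/signin'},
    {"image": EDGE, "parent_image": r"C:\Windows\explorer.exe",
     "command_line": f'"{EDGE}" --kiosk "https://signage.example.test/" --no-first-run'},
]

if __name__ == "__main__":
    for finding in find_kiosk_launches(SAMPLE_EVENTS):
        print(finding)
```

Findings marked `review` still deserve a look in environments that do not run kiosk or signage machines.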
Overall, staying vigilant and following best security practices are essential to protect against these evolving threats targeting Chrome users.