Skip to Content

Top Story: Malware strikes Google Chrome users with tricky new technique

Cybercriminals today are more deceptive with their techniques than ever. Some of the fraudulent messages they send through phishing attacks look as close to the real deal as possible. A recent example was a fake Netflix email, tricking customers into revealing their credit card information.

Although, not all scams are initiated through malicious messages. There is a new malware attack involving bait-and-switch websites that you need to know about.

If you are a Google Chrome user, this affects you. Hackers have discovered a way to break into websites that have weak security, so they can fool visitors into downloading malware.

How the malware scam works

Three factors are needed for this scam to be successful:

  1. Victim is using the Chrome Browser on a Windows machine.
  2. Victim lives in an English speaking country – The U.S., U.K., Canada and Australia are being targeted.
  3. Victim is sent to the malicious site through search engine results (You would have to click the link to the site that shows up in a search).

If all of these factors are in place, you could fall victim to this attack.

What’s happening is, hackers are inserting JavaScript into poorly secured websites. If you’re using Chrome and click the link from a search engine result, the script makes the website unreadable. You will see a bunch of gibberish, or “diamonds,” making it impossible to read.

When you realize the page is unreadable, a fraudulent Chrome message appears. It says that “The ‘HoeflerText’ font wasn’t found,” which is why you can’t read the page.  You’re then asked to update the “Chrome Font Pack.”


Image: Fraudulent message asking you to update the Chrome Font Pack. (Source: Proofpoint)

Warning! Clicking on the Update button on this message will infect your gadget with click-fraud adware.

Hidden ads will be loaded and clicked on automatically. This is how the criminal gets paid, by ripping off legitimate ad networks.

At this time the risk to Chrome users is their gadget is infected with click-fraud adware. However, this scheme could change at a moment’s notice. The hacker could change the malicious link into something worse, like encrypting ransomware.

The best defense is knowing what to look for. If you visit a site and it asks you to download a font update, do NOT do it! It’s always better to be safe than sorry.

More stories you can’t miss:

5 Google Chrome tricks you’ll use time and time again

Check whether your email account has been hacked

Secret leaked keys for hundreds of apps make them vulnerable to hacks

Komando Community background

Join the Komando Community!

Get even more digital know-how and entertainment with the ad-free Komando Community! Watch or listen to The Kim Komando Show on your schedule, read Kim's eBooks for free, and get answers in the tech forums.

Join Now