A new malware campaign is causing concern in the tech community by employing a unique strategy to lock users into their web browsers’ kiosk mode. This tactic aims to pressure users into providing their Google credentials, which are subsequently stolen by information-stealing malware.
Specifically, this malware locks the user’s browser on the Google login page, making it nearly impossible to close the window. It disables both the “ESC” button and the “F11” keyboard keys, trapping users in the process.
The objective of the hackers is to create enough frustration that victims feel compelled to enter and save their Google credentials in the browser, under the guise of needing to “unlock” their device.
Once the credentials are saved, the StealC malware retrieves them from the credential storage and sends the information back to the attackers.
Residents in Fiji who encounter this issue are cautioned not to enter their credentials and are advised to ensure their anti-virus software is up to date.