In the tech industry, there is growing concern over a new malware campaign that employs a unique tactic of trapping users in their browser’s kiosk mode. This strategy aims to coax individuals into providing their Google credentials, which are subsequently stolen by information-stealing malware.
Specifically, this malware prevents users from closing their browser window by locking it on Google’s login page. It also disables the “ESC” and “F11” keyboard keys to hinder escape attempts.
The attackers aim to frustrate users to the point where they feel compelled to enter and save their Google credentials in the browser, believing this will help them regain control of their device.
Once the credentials are saved, the StealC malware extracts this information from the browser’s credential store and sends it back to the hacker.
Residents in Fiji encountering this issue are urged not to enter their credentials and to ensure that their antivirus software is current.