A new malware campaign is making waves in the tech world by employing a distinctive tactic that locks users in their browser’s kiosk mode, prompting them to enter their Google credentials, which are then stolen by information-stealing malware.
The malware effectively “locks” the browser on Google’s login page, leaving users with no apparent way to exit the window. Additionally, it disables the “ESC” and “F11” keys, further entrenching users in the hijacked interface.
The objective of the hackers is to induce enough frustration in the user that they feel compelled to enter and save their Google credentials in the browser to “unlock” their computer.
After these credentials are stored, the StealC information-stealing malware captures them from the browser’s credential storage and transmits the information back to the attacker.
Residents in Fiji experiencing this issue are advised not to submit their credentials and are encouraged to update their antivirus software on their devices.