A new malware campaign is making waves in the tech community by employing an unconventional method to lock users in their browser’s kiosk mode. This technique is designed to pressure users into entering their Google credentials, which are subsequently stolen by information-stealing malware.
This malware effectively “locks” the user’s browser on Google’s login page, making it nearly impossible to close the window. It disables standard exit options, including the “ESC” and “F11” keys, trapping the user in the browser.
The attackers aim to provoke enough frustration that users will enter and save their Google credentials in an attempt to “unlock” their computers. Once the credentials are saved, the StealC malware collects this information from the credential store and transmits it back to the attackers.
Residents in Fiji encountering this issue are advised not to submit their credentials and to ensure their anti-virus software is up to date on their devices.