Tech support scammers often use browser bugs to freeze CPUs or lock users inside tabs as a way to trick victims into believing they have a technical problem and call a tech support number.įixing these browser bugs is a must, and just one of these fixes can cause huge financial losses to cybercriminal gangs and protect thousands of regular users from getting scammed. Tech support scams are a big problem in today's cyber-crime scene, and hundreds of thousands of victims have lost billions of US dollars to these crooks.įor example, just one tech support scam site operator arrested earlier this month scammed victims out of $3 million over the course of four years, which is quite a nice profit. In the grand scheme of things, users might consider this fix trivial, but this is actually a very important fix. The "evil cursor" fix is currently live for Google Canary users, and is scheduled to land in the Chrome 75 stable branch, to be released later this spring. This way, users who land on tech support scam sites operated by the Partnerstroka gang -one of the most active groups around today- will be able to leave these sites without getting locked in. This allows specifying arbitrary images as mouse cursors any image format supported by Gecko can be used. Mac support was added in Gecko 2 (Firefox 4). Nevertheless, after months of tests, Google engineers came up with a compromise that satisfied both Segura's security-related concerns and didn't break existing sites.Īccording to this bug report, Chrome will automatically revert the mouse cursor back to the standard OS graphics when hovering over parts of the Chrome browser interface (tab bar, address bar, menus, etc.) but will keep the custom cursor when hovering the page content. Gecko 1.8 supports URL values for the CSS cursor property on Windows and Linux. The trick was that users would think they'd be clicking where the cursor would appear, but they would actually click in another area of the screen, preventing them from closing popups and browser tabs due to inaccurate clicks. Called an "evil cursor," it relied on using a custom image to replace the operating system's standard mouse cursor graphic.Ī criminal group that Malwarebytes called Partnerstroka operated by switching the standard OS 32-by-32 pixels mouse cursor with one of 128 or 256 pixels in size.Ī normal cursor would still appear on screen, but in the corner of a bigger transparent bounding box. The trick was first document back in 2010, but only recently entered the arsenal of tech support scammers -in September 2018, when it was spotted by Malwarebytes analyst Jerome Segura. Google has patched a Chrome bug that was currently being abused in the wild by tech support scammers to create artificial mouse cursors and lock users inside browser pages by preventing them from closing and leaving browser tabs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |