Security News Chrome Users Targeted with Malware via New "Font Wasn't Found" Technique

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
... some quotes from the article above:

Google Chrome users need to be on the lookout for websites trying to trick them into downloading a font update package for their browser, as most chances are that the file is laced with malware.

This infection technique was discovered by Proofpoint researchers, who say that only Chrome users on Windows are targeted, only from specific countries, and only if they navigated to a compromised website using a specific route (referrer), such as search engine results.
Click to expand...

Chrome users infected with Fleercivet click-fraud malware

These recent "font wasn't found" attacks on Chrome users are different because they rely on users clicking a download button, something that doesn't guarantee the same high level of successful infections that exploit kits assure.
Proofpoint says that the font update packages that users download via this technique are infected with the Fleercivet click-fraud malware, which works by navigating to preset URLs and clicking on hidden ads behind the user's back, earning crooks money.
This same malware was advertised on underground cybercrime services under the name of Simby in early 2015, and Clicool in late 2015 and in 2016.
Click to expand...
 
  • Like
Reactions: Solarquest, Niente, silversurfer and 6 others
Parsh

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
Has less methodological chances (scope wise) of infection of course but the message may sound somewhat trustworthy for some users when visiting new/unknown sites, as one can relate it to 'font missing/ not found' issue they face in other apps like Office suites.
Yet, such suspiciously offered downloads should be enough alert for the user!
Either deep technology or psychology of fear and wanting will always be exploited like this.
 
Last edited:
  • Like
Reactions: Solarquest, LASER_oneXM, silversurfer and 3 others
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
New techniques, old tricks to get users to install some Chrome_Font.exe.

Google Chrome users, I advise not to disable Safe Browsing as this WILL protect you many a time.

upload_2017-1-18_15-9-30.png

Find out more about Safe Browsing by Google | Link

I usually download fonts as either .TTF or .OTF for Windows, not an .EXE.
 
  • Like
Reactions: Exterminator, Solarquest, LASER_oneXM and 6 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
Malware News New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
Replies
2
Views
961
Security News
nicolaasjan
nicolaasjan
silversurfer
    • Like
    • +Reputation
Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique
Replies
0
Views
965
News Archive
silversurfer
silversurfer
silversurfer
    • Like
    • +Reputation
New IcedID variants shift from bank fraud to malware delivery
Replies
0
Views
834
News Archive
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top