Malware News Malware locks browser in kiosk mode to steal Google credentials

Gandalf_The_Grey

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
Content source
https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
A malware campaign uses the unusual method of locking users in their browser's kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware.

Specifically, the malware "locks" the user's browser on Google's login page with no obvious way to close the window, as the malware also blocks the "ESC" and "F11" keyboard keys. The goal is to frustrate the user enough that they enter and save their Google credentials in the browser to "unlock" the computer.

Once credentials are saved, the StealC information-stealing malware steals them from the credential store and sends them back to the attacker.
Click to expand...
Users who find themselves in the unfortunate situation of getting locked in kiosk mode, with Esc and F11 not doing anything, should keep their frustration in check and avoid entering any sensitive information on forms.

Instead, try other hotkey combos like 'Alt + F4', 'Ctrl + Shift + Esc', 'Ctrl + Alt +Delete', and 'Alt +Tab.'

Those may help bring the desktop on the foreground, cycle through open apps, and launch the Task Manager to terminate the browser (End Task).

Pressing 'Win Key + R' should open the Windows command prompt. Type 'cmd' and then kill Chrome with 'taskkill /IM chrome.exe /F.'

If all else fails, you can always perform a hard reset by holding the Power button until the computer shuts down. This may result in losing unsaved work, but this scenario should still be better than having account credentials stolen.

When rebooting, press F8, select Safe Mode, and once you're back on the OS, run a full antivirus scan to locate and remove the malware. Spontaneous kiosk mode browser launches are not normal and shouldn't be ignored.
Click to expand...
www.bleepingcomputer.com

Malware locks browser in kiosk mode to steal Google credentials

A malware campaign uses the unusual method of locking users in their browser's kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
Reactions: TairikuOkami, oldschool, Andy Ful and 2 others

Similar threads

Gandalf_The_Grey
    • Like
Malware News Over 6,000 WordPress hacked to install plugins pushing infostealers
Replies
1
Views
1,083
Security News
Victor M
Victor M
Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Malware News Qilin ransomware now steals credentials from Chrome browsers
Replies
0
Views
1,623
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Bot
    • Like
Security News Cheating PC Gamers Get Credentials Stolen in New Campaign
Replies
0
Views
1,384
Security News
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top