New chrome malware is the “Snipe Hunt” of scams

Terry Ganzi

Level 26
Thread author
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
Imaginary font message fools the unwary…
There’s a new Google Chrome malware scam making the rounds, one that alerts users to a dangerous situation: the “HoeflerText font” cannot be found. Fortunately, there’s a handy update button in the popup box to help remedy this imaginary problem. Clicking the update button installs a trojan or even the Spora ransomware.


There’s a good reason the HoeflerText font cannot be found…

It works by inserting Java script into websites with vulnerable security flaws, something that you don’t have any way of knowing. All you know is the website you’re trying to access is nothing but gibberish (hence, the font can’t be found) and you click the update, hoping to read the website.

Think of it as being the ‘snipe hunt’ of scams… Snipe hunts are a lot of fun, well, for everyone except the victim. If you’ve never been invited along on one of these late-night (usually alcohol-fuelled) expeditions, it works like this: you bring an unsuspecting friend out into the woods. You give him a giant stick and a sack to put the snipe in, then teach him the very specific and idiotic snipe call. After leaving him to his serious work, you try not to laugh as you record him yelping and flailing his arms, in an attempt to lure an imaginary animal closer. There are bonus points involved if you manage to also frighten him in the darkened forest.

Fortunately, there are a few ways to avoid it. Even if you don’t know that you’re not actually missing your HoeflerText capabilities, TheHackerNews has pinpointed these identifiers:

You can catch the rest of the news here: New Chrome Malware Is The “Snipe Hunt” Of Scams |
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
why is this browser so suseptible to malware...?
It’s not. The end user is the weakest link.

Chrome's Malware and Phishing protection will block the malicious download, as with the previous fake font scheme which I tested.

Anyone could socially engineer a fake website to replicate Firefox Add-ons Market, and say the same thing. You just have to identify the differences between what is real, and what is not.
 
  • Like
Reactions: Der.Reisende

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top