Beware of This New Malware Disguised as a Google Login Page


Bleeping Computer reports (via Tom’s Guide) on new malware that aims to steal your Google credentials by locking your browser in kiosk mode. By freezing your browser on a Google login page, it prompts you to enter your login info, which it steals and sends to the attacker. It also specifically locks your Esc and F11 keys, which could otherwise have been your go-to combo to escape the situation.

Kiosk mode, as the name suggests, is a dedicated mode designed for public booths or stations. It restricts the device so that it is forced to run just one program, the one that the kiosk is intended for.

The malware will randomly lock your device in kiosk mode by displaying a Google login page on your browser. Given the lack of options and the inability to use the Esc + F11 keyboard shortcut, you’d be tempted to simply give it your credentials to move on with your work. This malware’s strategy is to cash in on your frustration by exploiting kiosk mode.

The attack takes the user to a URL that leads to a Google change password page. Here, the victim enters their current and new passwords, giving an info-stealer access to both.

The report mentions that Amadey, a malware loader tool, is behind this attack and has been deployed for this task since August 22, 2024. The tool has mostly been used for other cyber attacks since 2018. The credentials you enter are stolen by StealC, an info-stealer launched in early 2023.
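
As an added illustration (not from Bleeping Computer's report or this article), the Python below triages process-creation records for a browser started in kiosk mode on a Google account page, the behaviour described above. It assumes the kiosk launch is visible as Chrome's or Edge's `--kiosk` command-line switch; the host list, function names and sample records are constructed for the example.

```python
import re

# Assumption (not stated in the article): the kiosk launch shows up in
# process-creation telemetry as the browser's --kiosk command-line switch.
BROWSERS = {"chrome.exe", "msedge.exe"}
# Assumed hosts for Google sign-in and account pages.
GOOGLE_ACCOUNT_HOSTS = {"accounts.google.com", "myaccount.google.com"}

TOKEN = re.compile(r'"[^"]*"|\S+')           # quoted string or bare word
URL_HOST = re.compile(r'https?://([^/:?#"\s]+)', re.I)


def classify(image, cmdline):
    """Return 'alert', 'review' or 'ignore' for one process-creation record."""
    exe = image.replace("/", "\\").rsplit("\\", 1)[-1].lower()
    if exe not in BROWSERS:
        return "ignore"
    tokens = TOKEN.findall(cmdline)
    if not any(t.strip('"').lower() == "--kiosk" for t in tokens):
        return "ignore"
    hosts = {m.group(1).lower() for t in tokens for m in URL_HOST.finditer(t)}
    # Exact host match, so a look-alike such as
    # accounts.google.com.example.test is not treated as Google.
    if hosts & GOOGLE_ACCOUNT_HOSTS:
        return "alert"
    return "review"  # kiosk browser on another page: may be a real kiosk


# Constructed sample records (image path, command line), not real telemetry.
SAMPLE_EVENTS = [
    (r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk '
     r'"https://accounts.google.com/constructed-path"'),
    (r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
     r"msedge.exe --kiosk https://signage.example.test/lobby"),
    (r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     r"chrome.exe https://accounts.google.com/constructed-path"),
    (r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     r"chrome.exe --kiosk https://accounts.google.com.example.test/login"),
    (r"C:\Windows\System32\notepad.exe", r"notepad.exe --kiosk notes.txt"),
]


def triage(events):
    """Classify every (image, cmdline) record in order."""
    return [classify(image, cmd) for image, cmd in events]


if __name__ == "__main__":
    for (image, cmd), verdict in zip(SAMPLE_EVENTS, triage(SAMPLE_EVENTS)):
        print(f"{verdict:7} {cmd}")
```

A "review" verdict is expected on machines that are deployed as real kiosks, so the "alert" case is the one worth routing to an analyst on ordinary user workstations.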

How to bypass it

If you find yourself at the misfortune of this malware, you can try using alternate hotkey combos. Bleeping Computer suggests Alt + F4, Ctrl + Shift + Esc, Ctrl + Alt + Delete, and Alt + Tab. They add that one of these might let you cycle through running apps or trigger the Task Manager so you can shut your browser. They also recommend the Windows key + R combo that launches the Windows command prompt. If you’re successful, and the prompt appears in a small box on its usual bottom-left corner of your screen, enter ‘cmd’ and then ‘taskkill /IM chrome.exe /F’ to terminate Chrome.

The report also mentions that you can always hard reset your device by holding down the Power button. This will lead to the unfortunate but inevitable result of losing all your work, but that’s nothing compared to having your Google credentials stolen. When you’re back from the reboot and your device is up and running as usual, make sure to run an antivirus scan first to remove the malware.
