
Hackers Target Chrome Users: How to Protect Your Google Account

Published October 6th, 2024 by Bayonseo

Cybercriminals have devised a new attack targeting Chrome users with malware called StealC. This malware traps users in "kiosk mode," blocking key commands and presenting a fake Google login screen. Out of frustration, users enter their credentials, allowing the malware to steal them. Additionally, the TrickMo banking Trojan mimics the Chrome app on Android, intercepting two-factor authentication (2FA) codes and capturing login credentials through fake screens.

 

How the Scam Works: 


Cybercriminals use a technique involving the StealC malware to hijack a victim’s browser. Here's the process: 

  • Browser in Kiosk Mode: The malware locks the Chrome browser into kiosk mode, preventing users from using basic commands like ESC or F11 to exit. 
  • Fake Login Screen: The screen shows a fake Google login window, tricking the victim into entering their credentials. 
  • Credentials Stolen: After the user submits their login details, another malware (StealC) collects the credentials directly from Chrome’s credential store and sends them to the attacker. 


Additionally, TrickMo, a banking Trojan, mimics the Chrome app on Android, intercepts 2FA codes, and captures login credentials through fake screens. These scams exploit user frustration and trust in familiar services to access sensitive data. 


How to Recognize and Avoid This Scam: 

  • Unusual Kiosk Mode: If your browser is stuck in full-screen mode with no way to escape, your device may be compromised.
  • Verify Login Screens: Always double-check the authenticity of any login page, especially if it appeared in an unusual way.
  • Use Security Tools: Regularly scan your device with antivirus tools like Malwarebytes and avoid downloading apps from unofficial sources. 
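
For administrators, the "stuck in kiosk mode" symptom can also be checked in process-creation logs. The sketch below is an added example, not part of the original post: it flags Chromium-family browsers started with Chrome's --kiosk switch unless the target host is an approved kiosk site. The event field names, the allowlist and the sample records are assumptions constructed for illustration.

```python
import ntpath
import shlex
from urllib.parse import urlparse

# Assumptions for this sketch: browser binaries to watch and the kiosk
# hosts your organisation legitimately runs (e.g. lobby signage).
BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe"}
APPROVED_KIOSK_HOSTS = {"signage.example.internal"}

CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
# Constructed process-creation records (not real telemetry).
SAMPLE_EVENTS = [
    {"image": CHROME, "parent": r"C:\Windows\explorer.exe",
     "cmdline": f'"{CHROME}" https://intranet.example.internal/'},
    {"image": CHROME, "parent": r"C:\Kiosk\shell.exe",
     "cmdline": f'"{CHROME}" --kiosk https://signage.example.internal/board'},
    {"image": CHROME, "parent": r"C:\Users\alice\AppData\Local\Temp\update.exe",
     "cmdline": f'"{CHROME}" --kiosk "https://login.example.test/signin"'},
]

def kiosk_launch(event):
    """Return the kiosk URL host ('' if none) for a --kiosk browser start, else None."""
    if ntpath.basename(event["image"]).lower() not in BROWSERS:
        return None
    # posix=False keeps Windows backslashes intact; quotes are stripped by hand.
    args = [a.strip('"') for a in shlex.split(event["cmdline"], posix=False)]
    if not any(a.lower() == "--kiosk" for a in args[1:]):
        return None
    urls = [a for a in args[1:] if a.lower().startswith(("http://", "https://"))]
    return (urlparse(urls[0]).hostname or "") if urls else ""

def find_suspicious(events):
    """List kiosk launches whose target host is not on the approved list."""
    findings = []
    for ev in events:
        host = kiosk_launch(ev)
        if host is None or host in APPROVED_KIOSK_HOSTS:
            continue
        findings.append({"host": host, "parent": ntpath.basename(ev["parent"])})
    return findings

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_EVENTS):
        print(f"kiosk launch to {hit['host']} started by {hit['parent']}")
```

A hit here is a lead for investigation, not proof of infection; the parent process name shows what started the browser.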


How to Protect Yourself: 

  • Escape Kiosk Mode: Try key combinations like Alt + F4 or Ctrl + Shift + Esc. If this fails, use Task Manager or reboot your system in Safe Mode. 
  • Use Malware Scanners: Run tools like Malwarebytes to remove infections. 
  • Download Apps Safely: Only download apps from official sources like the Google Play Store. 
  • Enable Two-Factor Authentication (2FA): While TrickMo can intercept 2FA, using this security measure makes it harder for hackers to compromise your account. 
  • Regular Security Training: Educate employees about phishing attacks, malware tactics, and how to safely manage their devices.


Importance of Awareness in Business 

Businesses that rely on Google accounts, email, and Android apps should be especially vigilant. Cybercriminals are continuously evolving their tactics, exploiting users' trust in familiar interfaces like Chrome or the Google app. 


How Bayon Technologies Group Can Help

We provide comprehensive cybersecurity solutions tailored to protect against threats like StealC and TrickMo. From regular malware scanning and monitoring to educating your workforce on best security practices, we help safeguard your business from ever-evolving cyberattacks.


Contact Us Today to enhance your cybersecurity measures and protect your business from these sophisticated threats. Stay ahead of hackers with proactive solutions tailored to your needs. 

