Written by Rob Young, Group Managing Director – 17th August 2017
What is the Google Chrome Malware?
Cyber Criminals are injecting script into poorly-protected web pages via the Chrome browser to Windows users only. The malware which is thought to be Spora Ransomware, then rewrites the compromised website within the victim’s browser to make the page unreadable. It then creates a fake font related issue for the user to resolve.
Chrome Malware font popup
A browser popup that appears once the website is compromised, contains the below message urges users to download the HoeflerText font to their computers (This is a genuine font name which is why users get fooled into downloading it). Once a user then clicks ‘update’, the malware is reportedly downloaded on to their machine.
Does Google Chrome protect users?
Yes, legitimate warnings from the Google Chrome browser itself will never appear as overlays to a web page and more importantly, we have researched that Chrome does not offer any functionality for prompting for missing font downloads. If a user does attempt to download this malicious file from Chrome, the browser itself will notify them that the file is ‘not commonly downloaded and may be dangerous’. However, some users ignore this message and become victims of the cyber criminals.
How can I prevent my business being attacked?
We are urging our clients to make employees aware of this immediately and not to download anything suspicious from Chrome browser pop-ups. We are also urging clients with WordPress websites keep them updated to the latest version (4.7.2) and keep plugins updated.
We also recommended adequate anti-virus with web protection is installed across your network to ensure your business is fully protected.
How can we help protect your business from malware?