Chrome Font Update is Malware
Posted by: Timothy Weaver on 02/27/2017 02:18 PM
[
Comments
]
Hackers are trying to fool users into downloading a Chrome font pack that supposedly will allow the reading of jumbled web pages.
Security firm NeoSmart Technologies found the malware when landing on a compromised WordPress site that probably was not properly updated.
The hackers are inserting JavaScript into poorly secured, but legitimate websites to modify the text rendering on them, which causes the sites to look all jumbled with mis-encoded text containing symbols and other random characters.
Anyone who lands on such a site will be faced with a popup that reads: "The 'HoeflerText' font wasn't found," and you're then asked to update the "Chrome Font Pack." The "download" actually installs a trojan. It can also be used to install ransomware.
NeoSmart Technologies has run the executable through Virus Total and found that only 9 out of 59 virus engines recognize the malware.
Users should be aware that the Chrome font pack comes with everything they need and no update is necessary.
Source: The Hacker News
Security firm NeoSmart Technologies found the malware when landing on a compromised WordPress site that probably was not properly updated.The hackers are inserting JavaScript into poorly secured, but legitimate websites to modify the text rendering on them, which causes the sites to look all jumbled with mis-encoded text containing symbols and other random characters.
Anyone who lands on such a site will be faced with a popup that reads: "The 'HoeflerText' font wasn't found," and you're then asked to update the "Chrome Font Pack." The "download" actually installs a trojan. It can also be used to install ransomware.
NeoSmart Technologies has run the executable through Virus Total and found that only 9 out of 59 virus engines recognize the malware.
Users should be aware that the Chrome font pack comes with everything they need and no update is necessary.
Source: The Hacker News
Comments
