Last Updated on September 20, 2024
New Malware Locks Users Out of Google Chrome
Overview of StealC Malware
A new malware named ‘StealC‘ is causing significant disruption for Google Chrome users. This malware employs a tactic called AutoIt Credential Flusher to trap users in a fullscreen browser window, blocking access to other applications.
What Is Kiosk Mode?
StealC leverages Kiosk Mode, a feature designed for public terminals. In this mode, Chrome runs in fullscreen, removing typical navigation elements. Users are presented with a fake Google login page, which tricks them into entering their credentials.
How Does the Infection Occur?
Discovered by researchers at OALABS, this malware has been active since August 22, 2024. It is primarily spread through malware loaders like Amadey. Once the malware locks the browser, the Esc and F11 keys become ineffective, leaving users frustrated and vulnerable.
Bypassing Kiosk Mode
If you find yourself stuck in Kiosk Mode, don’t panic. Here are some methods to regain control:
- Keyboard Shortcuts: Use combinations like Alt + F4 to close Chrome, Ctrl + Shift + Esc to open Task Manager, or Alt + Tab to switch apps.
- Task Manager: If necessary, press Ctrl + Alt + Delete to open Task Manager. Locate Google Chrome, right-click, and select End Task.
- Command Prompt: You can also open the Run dialog with Win + R, type
cmd, and enter the command:taskkill /IM chrome.exe /F. This will forcibly close Chrome.
Preventing Future Attacks
After regaining access to your system, it’s crucial to perform an antivirus scan to remove any lingering malware. Additionally, consider changing your Google credentials to ensure your account remains secure.
Conclusion
The StealC malware poses a serious threat to Google Chrome users, locking them out and stealing credentials. Awareness and quick action are essential to mitigate the risks.