A new attack is under way and targets Chrome users. This time the attackers try to trick users by claiming that a font is missing from the browser, leading them to install a malicious application. This trick is not a security vulnerability in Chrome, but it can fool less attentive users into downloading and installing an application that promises to fix the missing browser font.

The page where the attack is served appears to have problems with its text, showing it as strange characters and preventing it from being read correctly. The site itself, which may be one the user knows, has already been compromised and carries external code that triggers the attack. The alert shown to the user describes the fault and proposes fixing it with a simple download which, if executed, infects the user's machine. The pop-up's entire appearance is in line with what is normal in Chrome, which is a major problem because users readily take it as "official."

When the downloaded file is an .exe that is not known (Chrome Font v7.5.1.exe), Chrome will try to offer protection by showing the user an alert in the status bar, but that can be easily bypassed. As soon as the file is run, the machine becomes infected, but it is not yet known what this malware will later do to the system.

Mahmoud Al-Qudsi of security firm NeoSmart Technologies was the one to uncover this new attack, which is still detected by only 9 of the 59 antivirus products on VirusTotal. This is yet another tried-and-tested attempt to trick users into installing malware by presenting alleged faults that can supposedly be fixed quickly with external applications. Full attention is needed: even if these alerts and supposed updates seem real, users should not trust them and should instead seek support from official help channels.