Discover more... ©milankantony

Chrome missing font prompts, malicious files trick.

✔✔✔rating
New hacking tactic on Google Chrome that manipulates websites into displaying missing font prompts, which then trick users into downloading malicious files.The attack involves a hacker exploiting JavaScript to alter the rendering of content on a webpage, causing it to resemble mis-encoded text which appears as a jumble of symbols and shapes. The code then prompts the user to download the missing fonts through a Chrome language pack to decipher the text.

The attack involves a hacker exploiting JavaScript to alter the rendering of content on a webpage, causing it to resemble mis-encoded text which appears as a jumble of symbols and shapes. The code then prompts the user to download the missing fonts through a Chrome language pack to decipher the text.




A savvy user will know what version of Chrome they are running, in this case version 56, however the prompt has version 53 hard-coded into its dialogue. It also features a rather conspicuous 'X' in the top right corner, which gives the game away

 It also slips by Windows Defender, and a check of virus scanning database VirusTotal reveals that only nine of 59 recorded antivirus scanners are able to correctly identify the file as malware.

Recommend for you



Most Read

Blog Archive

Scroll To Top