Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Scam operation. Show all posts

A New Trick discovered to block Visitors and Scare Non-Technical Users into Paying for Unneeded Software and Servicing Fees

The administrators of some technical support scam websites have discovered a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded programming or overhauling charges.

The trick depends on utilizing JavaScript code stacked on these vindictive pages to start thousands of file download tasks that rapidly take up the client/user's memory assets, solidifying or (freezing more likely) Chrome on the con scammer's webpage.

The trap is intended to drive the already panicked clients into calling one of the technical support telephone numbers that appear on the screen. A GIF of one of these noxious locales freezing a Chrome program running the most recent rendition (64.0.3282.140) is implanted underneath.


As per Jérôme Segura — Malware bytes leading expert in technical support scam operations and malvertising,—this new trick uses the JavaScript Blob strategy and the window.navigator.msSaveOrOpenBlob function to achieve the "download bomb" that stops Chrome.

The expert says the best way to get away from the technical support site is to close Chrome by means of Windows Task Manager.

At the point when the client restarts Chrome, if Chrome is designed to reload the previous session, Segura encourages clients to rapidly close the shady site while the page is loading and before the vindictive code has an opportunity to execute.

Segura says that he spotted technical support scammers mishandling this new trick after Google engineers fixed Chrome against a past system or a previous technique in other terms, that used the history.pushState API  to comparably freeze Chrome programs on shady sites.

This "download bomb" trap just works in Chrome, Segura said.

Clients arriving on a similar shady URLs yet utilizing different browsers are served diverse pages.


Likewise on the front of such shady sites pushing noxious content, clients ought to be aware about the other sites pushing counterfeit Adobe Flash Updates packages bound with CPU miners, yet in addition of comparable shady sites putting on a show to provide Mozilla Firefox updates.