ANOTHER DAY, another scam, this time in the form of an abused application programming interface (API) that overloads browsers to trick people into calling a dodgy support line.
Reported by Malwarebytes, the tech support scam is rather elegant in its brutal simplicity and execution, as it doesn't actually use any malicious code.
Rather than exploit zero-day flaws, the scam abuses a simple API that prompts the browser to save to the disk. It makes this request over and over at one hell of a speed, causing a machine's CPU usage to shoot up and effectively freezing the browser within a few seconds.
While this is going on, an alert pops up warning victims that their internet service provider has blocked their machine and they need to call Microsoft support. Unsurprisingly, the number provided is fake and leads people to a scam line attempting to trick victims not au fait with such scams into parting with their cash.
"The primary targets for this particular browser freeze are Google Chrome users on Windows. Other browsers will get their own landing pages, abusing other HTML APIs. Considering that Chrome has the most market share in the browser category, this is yet another example of the desire for threat actors to deploy new social engineering schemes," said Jérôme Segura, lead malware intelligence analyst at Malwarebytes.
Such malicious techniques are mostly distributed by malvertising, according to Segura, who noted that an ad-blocker can mitigate the problem, just don't use it on the INQUIRER as we also need to eat.
Making use of the Windows Task Manager will kill a locked-up browser, but could mean you lose any unsaved web pages you were working on, though that's preferable to phoning up a scam line in our opinion.
Google has yet to comment on the API abuse, but we suspect it'll soon have a patch to mitigate the risk. That being said, the tech support scammers will likely find new ways to exploit less tech-savvy victims, so as ever it's worth browsing with a little bit of care and avoiding clicking on things that don't feel right. µ