Fake Chrome Font Update Attack Distributes Backdoor

Fingerprinting capabilities included in the injected code trigger the attack if certain criteria are met (targeted country, correct User-Agent (Chrome on Windows) and proper referer). If the social engineering scheme is successful and the user accepts to install the fake font pack, a file named Font_Chrome.exe is downloaded and executed, and their system is infected with malware.

Read full news article on SecurityWeek

 


Date:

Categorie(s):