Cybercriminals Are Using a New Method to Steal Google Passwords: Full-Screen Mode

  • They use malware that forces kiosk mode in Google Chrome, displaying a fake login screen.

  • The malware captures users’ credentials when they type them into Google.

Google
No comments Twitter Flipboard E-mail

Picture this: While casually browsing the web, your browser suddenly stops responding. All you can see is a full-screen login page that prompts you to enter your Google credentials to continue. This isn’t normal and shouldn’t happen. However, some people are experiencing this because, in fact, it’s actually a cyberattack.

According to researchers at OALabs, cybercriminals are using this new technique to steal usernames and passwords. The method is simple but highly effective. Victims unknowingly give their login details to malicious actors in order to proceed with their online activities.

A Cyberattack as New as It Is Effective

Amadey is a malware that infects the user’s system and allows a malicious utility called StealC to be loaded. Once the system is compromised, the browser goes into “kiosk mode,” displaying content in full screen and preventing the use of F11 or ESC keys to return to the Desktop.

Kiosk mode is a legitimate Chrome feature used at guest check-in counters or point-of-sale. However, the malware exploits this feature to limit the victim’s options, displaying a fake Google login page.

Google malware The page that invites users to enter their Google login credentials.

After the user enters their login credentials into the compromised system, StealC steals their data. Once cybercriminals have access to the victim’s account, they can use it for a variety of other illicit activities, such as distributing other malware or setting up banking scams.

This type of threat should remind you to be more vigilant in the digital world. Not only should you ensure that your device’s software (operating system, browser, etc.) is updated, but you should also avoid visiting suspicious websites or clicking on links of dubious origin.

It’s important to remember that you’ll occasionally need to enter your login credentials in your Google account, which is completely normal. However, encountering limitations in Chrome’s kiosk mode isn’t normal. Additionally, you can enhance your cybersecurity by using two-step verification or passkeys.

Image | Growtika

Related | Google Is Making a Significant Change to Chrome’s Security That Affects Thousands of Websites. They Have Four Months to Comply

Home o Index