The Chrome Bug which was being exploited by Tech Support Scammers for several months has finally been taken care of by Google. The bug allows these scammers to replace the standard mouse cursor with an artificial and larger one, which in turn traps users inside the browser, leaving them no way to either close or leave a specific tab or browser entirely.
Jerome Segura of Malwarebytes was first to detect this bug and named it “evil cursor” and the scammers which exploited it were given the name, “Partnerstroka”. Segura was quick to inform Google about the bug last year, but it looks like the Company REALLY took its time to resolve the issue.
So, how it works is that it uses a custom-made image, which takes place of the normal cursor. The standard cursor still remains on the screen but it is confined inside a box-shaped container. Victims are then tricked into thinking that they can use the cursor displayed inside the box to close the tab or browser but that’s not the close as they are actually clicking in another area entirely. They are also brought to the Tech Support Sites, which are scam obviously. These sites require users to contact them to get the issue resolved.
In order to fix the issue, it wasn’t considered an ideal solution to prohibit the use of such over-sized and custom cursors as their importance in games can’t be denied. Thus, Google was forced to come up with another solution, which its engineers did!
According to the solution, Chrome will convert the cursor back into its standard mode as soon as it is hovered over the browser interface parts such as tab bar, menus etc. However, the custom cursor will still be seen when it’s placed on the page content. Thus, users who end up on the Support sites will easily be able to leave them.
The solution is available for only Google Canary users as of now, but it will be rolled out for others this spring with Chrome 75.
Read Next: Social Media is now being used by 'Support' scammers for conning people and nearly every tech savvy person is at risk!
Jerome Segura of Malwarebytes was first to detect this bug and named it “evil cursor” and the scammers which exploited it were given the name, “Partnerstroka”. Segura was quick to inform Google about the bug last year, but it looks like the Company REALLY took its time to resolve the issue.
So, how it works is that it uses a custom-made image, which takes place of the normal cursor. The standard cursor still remains on the screen but it is confined inside a box-shaped container. Victims are then tricked into thinking that they can use the cursor displayed inside the box to close the tab or browser but that’s not the close as they are actually clicking in another area entirely. They are also brought to the Tech Support Sites, which are scam obviously. These sites require users to contact them to get the issue resolved.
The ‘evil cursor’ is a simple and yet effective way for tech support scammers to achieve the browser locker effect. Bug report here: https://t.co/XK63djq6wH pic.twitter.com/zNcSc8ox9G— Jérôme Segura (@jeromesegura) September 14, 2018
In order to fix the issue, it wasn’t considered an ideal solution to prohibit the use of such over-sized and custom cursors as their importance in games can’t be denied. Thus, Google was forced to come up with another solution, which its engineers did!
According to the solution, Chrome will convert the cursor back into its standard mode as soon as it is hovered over the browser interface parts such as tab bar, menus etc. However, the custom cursor will still be seen when it’s placed on the page content. Thus, users who end up on the Support sites will easily be able to leave them.
The solution is available for only Google Canary users as of now, but it will be rolled out for others this spring with Chrome 75.
"While social engineering is the main leverage [for Tech Support Scammers], they often incorporate techniques that help with that effort.", wrote Segura in a blog post on Malwarebytes. Adding further, "We can expect crooks to keep coming up with clever ways to disrupt the browsing experience and abuse advertising, registration, and hosting platforms along the way."Tech Support Scammers make loads of money by using such kinds of bugs and tricking users into contacting them in order to get their issues resolved. Their expansion over the last few years has resulted in a significant increase in cybercrimes. Thus it’s important to get these bugs fixed to avoid being scammed and discourage these cyber hacking groups.
Read Next: Social Media is now being used by 'Support' scammers for conning people and nearly every tech savvy person is at risk!