Fraudsters that pretend to be technical support are actively exploiting the old blocking error in the Firefox browser in order to force victims to turn to them for “help”.
This is a bug in the browser, discovered three months ago and affecting the stable builds of Firefox 70.x, beta 71.x and night versions 72.x. Authentication prompt spam, also called login prompt spam, has been a problem for internet users for the last two decades.
Tech support scam sites have used this trick to trigger infinite loops of “Authentication Required” prompts that block users on sites and prevents them from closing tabs or the browser.
另請閱讀: 火狐瀏覽器 70 blocks cross-site social media cookies
Using this vulnerability, attackers can block the victim’s browser and display a fake notification about the need to contact technical support as soon as possible, otherwise the system will be turned off after 5 分分鐘. The victim cannot close the notification tab.
Jérôme Segura
It looks like there’s a working browlock for Firefox using a technique that is new to me”, — 寫 Jérôme Segura in Twitter.
To block the browser, attackers send a large number of requests for authorization confirmation, since there are no restrictions on their number. The victim can regain control of the browser by completing the Firefox-related process in the Windows Task Manager.
The text of the notification displayed by cybercriminals is usually the following:
Do not ignore this important warning. Stop and do not turn off your PC. Your computer’s registry key is locked. Why did we lock your computer? The Windows registry key is illegal. This Windows computer uses pirated software. This Windows PC sends viruses over the Internet. This Windows PC is hacked. We locked the computer for your safety. Please call us within 5 分分鐘, otherwise your computer will be turned off.”
Mozilla is currently working on a bug fix. Browser makers are in a constant fight to fix bugs and loopholes exploited by tech support scammer groups. Mozilla’s upcoming Firefox fix helps, but it won’t stop tech support scammers, who will just find another trick to exploit.
發表評論