Tech support scammers take advantage of two year old Google Chrome bug to freeze PCs

Back in July 2014, a bug in the Google Chrome browser was discovered that allows developers to push thousands, or even millions of URLs into the browser"s history. The issue could cause PCs to slow down, as it will use a lot of resources on the computer. Google has been made aware of the problem, but decided to mark it as a low-level denial of service attack, and has since then delayed putting out a fix.

Fast forward to this year, and a tech support scammer decided to take advantage of the lingering bug in the browser, and utilized it to trick people into handing over their money and personal information. Initially discovered by security researcher @TheWack0lian and dissected by Malwarebytes Labs, a group of scammers are actively using the bug on one scam website.

The fake infection screen from tech support scammers

If a user clicks on "Prevent this page from creating additional dialogs," the bug will be triggered, which will freeze the system by exploiting the unpatched bug. At this point, since the computer slowed down to a crawl, the tech support scammers are hoping that the victims will call the number flashed on the screen, in order to sell unnecessary products, as well as illegitimate services to them while stealing their personal and financial information.

The only way to solve the problem is by accessing the Task Manager, and then terminate the Google Chrome process. However, you may need to perform a hard reboot should the issue be too heavy for the computer to handle, and it is hard to navigate around the computer after the problem has occurred.

No matter what happens, it is not advised to call the number on the screen, as doing so could only cause more problems, rather than making things easier.

Back in May, tech support scammers have been seen utilizing fake Windows Update screens, which will subsequently display a ransomware-like lock screen. It will ask a victim to call the number provided, which claims to fix the "corrupt" Windows license key of the host computer.

Source: Malwarebytes Labs via Bleeping Computer | Image via Malwarebytes Labs

Report a problem with article
Next Article

Almost six months after its announcement, Google begins shipping its $129 Home speaker hub

Previous Article

Uber's overhauled app will take you places, faster