Scammers use many tricks to lure and victimize computer users. One of the oldest techniques in their browser locker schemes is to force users to download a specific kind of file. Earlier attacks flooded the machine with a huge number of file requests to crash the browser; the one discussed here, however, is purely a social engineering plan.
The older flooding technique, which exploits the window.navigator.msSaveOrOpenBlob method, has been fixed by Google Chrome. The one discussed here, however, combines a previously abused HTML5 method, history.pushState(), with the Anchor download method.
How Does It Work?
Credulous users are redirected to a fake Microsoft alert page while browsing various websites. In most cases, the redirection starts with a malicious advertising chain, also known as malvertising.
The webpage uses several methods to give the impression that the machine is locked, such as controlling keyboard and mouse events and forcing itself into full-screen mode. It also initiates an automatic download of a file named “This is a VIRUS. Your computer is blocked” (sic).
This file is a copy of the browser locker's HTML code. It is malicious in nature, but unlike malware or a virus it cannot harm your computer. The scammers use strong, threatening words to frighten potential victims.
The underlying code responsible for this behavior uses the jQuery library (jquery-3.3.1.min.js) along with a few blocks of JavaScript, beginning with an Anchor element. The code appears to have been taken and altered from a 5-year-old GitHub Gist:
Another part creates a loop and inserts the history.pushState technique:
Every browser handles automatic file downloads differently, so the downloaded file will appear in different ways.
Tech support scammers come up with many ways to exploit browsers using simple tweaks and techniques. These techniques are highly effective because they use legitimate features and web standards to scam users.
That is why browser developers have difficulty mitigating these attacks without breaking legitimate use cases. The bug in which the browser hangs due to unlimited downloads is still unresolved in Mozilla Firefox. We hope the issue gets resolved soon.
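Because each trait described above is a legitimate web feature on its own, a page scanner has to score the combination rather than any single call. The following is an added example, not code from the original article or from the scam page: a static heuristic whose signal ids, weights, threshold and sample fragments are all assumptions constructed for illustration.

```javascript
// Added example: static heuristic for the locker traits the article names.
// Signal ids, weights and the threshold are assumptions, not a vendor ruleset.
const SIGNALS = [
  { id: 'pushState-in-loop', weight: 3, // history entries pushed repeatedly
    test: s => /\b(?:for|while)\s*\([^)]*\)\s*\{[^}]*history\.pushState\s*\(/.test(s) },
  { id: 'scripted-anchor-download', weight: 3, // <a download> created and clicked by script
    test: s => /createElement\(\s*['"]a['"]\s*\)/.test(s) &&
               /\.download\s*=|setAttribute\(\s*['"]download['"]/.test(s) &&
               /\.click\(\s*\)/.test(s) },
  { id: 'forced-fullscreen', weight: 2,
    test: s => /\.(?:webkit|moz|ms)?[rR]equestFull[sS]creen\s*\(/.test(s) },
  { id: 'input-capture', weight: 1, // key or mouse events swallowed
    test: s => /(?:keydown|keypress|contextmenu|mousedown)[\s\S]{0,200}?preventDefault\s*\(/.test(s) },
  { id: 'legacy-blob-save', weight: 2, // the older flooding method
    test: s => /msSaveOrOpenBlob\s*\(/.test(s) },
];

// Score one page's script text. A single trait is normal web development,
// so only a combination reaching the threshold is reported.
function scoreLockerTraits(source, threshold = 5) {
  const hits = SIGNALS.filter(sig => sig.test(source));
  const score = hits.reduce((sum, sig) => sum + sig.weight, 0);
  return { score, signals: hits.map(h => h.id), suspicious: score >= threshold };
}

// Constructed sample: reduced fragment combining the described traits.
const LOCKER_LIKE = `
document.documentElement.requestFullscreen();
document.addEventListener('keydown', function (e) { e.preventDefault(); });
for (var i = 0; i < 50; i++) { history.pushState(null, '', '#' + i); }
var a = document.createElement('a');
a.href = '#'; a.download = 'placeholder.txt'; a.click();
`;

// Constructed sample: ordinary "export" button plus one routing call.
const BENIGN_EXPORT = `
const a = document.createElement('a');
a.href = URL.createObjectURL(blob); a.download = 'report.csv'; a.click();
history.pushState({ page: 2 }, '', '/reports/2');
`;

console.log(scoreLockerTraits(LOCKER_LIKE));
console.log(scoreLockerTraits(BENIGN_EXPORT));
```

The regular expressions only see literal source text, so obfuscated or timer-driven variants need a deobfuscation or runtime-instrumentation step before scoring.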