Tech support scams are a big problem in today's cyber-crime scene, and hundreds of thousands of victims have lost billions of US dollars to these crooks.įor example, just one tech support scam site operator arrested earlier this month scammed victims out of $3 million over the course of four years, which is quite a nice profit.
In the grand scheme of things, users might consider this fix trivial, but this is actually a very important fix. The "evil cursor" fix is currently live for Google Canary users, and is scheduled to land in the Chrome 75 stable branch, to be released later this spring. This way, users who land on tech support scam sites operated by the Partnerstroka gang -one of the most active groups around today- will be able to leave these sites without getting locked in. Nevertheless, after months of tests, Google engineers came up with a compromise that satisfied both Segura's security-related concerns and didn't break existing sites.Īccording to this bug report, Chrome will automatically revert the mouse cursor back to the standard OS graphics when hovering over parts of the Chrome browser interface (tab bar, address bar, menus, etc.) but will keep the custom cursor when hovering the page content. The trick was that users would think they'd be clicking where the cursor would appear, but they would actually click in another area of the screen, preventing them from closing popups and browser tabs due to inaccurate clicks. Available annotation tools Spotlight (only available if you started the shared screen or whiteboard): Displays your mouse pointer to all participants when your. Called an "evil cursor," it relied on using a custom image to replace the operating system's standard mouse cursor graphic.Ī criminal group that Malwarebytes called Partnerstroka operated by switching the standard OS 32-by-32 pixels mouse cursor with one of 128 or 256 pixels in size.Ī normal cursor would still appear on screen, but in the corner of a bigger transparent bounding box.
The trick was first document back in 2010, but only recently entered the arsenal of tech support scammers -in September 2018, when it was spotted by Malwarebytes analyst Jerome Segura. Google has patched a Chrome bug that was currently being abused in the wild by tech support scammers to create artificial mouse cursors and lock users inside browser pages by preventing them from closing and leaving browser tabs.
0 kommentar(er)
