Sneaky new malware attack targets Chrome users

There’s a new virus attack circulating the web on innocent and unsuspecting websites that’s hard to spot and easy to fall for.

I was doing research for an article earlier today when my computer was almost hacked. The bad guys have found a fairly sneaky new way to trick you into allowing the malware onto your system, and I almost fell for it.

The scam targets people using Google’s Chrome browser. When you click onto an innocent link to read a piece of content, the page appears to be in gibberish symbols – as though your computer doesn’t have the proper font installed and can’t display the text. (See image below.)

Sure enough you also get a Google branded popup window over the page you’re trying to read informing you that the “The ‘HoeflerText’ font wasn’t found” and prompting you to install the latest “Chrome Font Pack.”

Don’t download and install it. The whole thing is a trick, and the file you’d be installing contains malware that will take over your system.

This is a particularly sneaky attack because it is found on websites that are innocent enough. It’s not like you’re engaged in some filesharing behavior that is known to be risky. The hackers have compromised the source codes of unsuspecting websites and inserted a script that causes the text to display as symbols for Chrome users specifically.

Also, the popup prompting you to update your fonts properly uses Google’s branding, logo, font and style. It looks and feels legit. Don’t fall for it. In fact, proceed with extreme caution whenever downloading files from the web or installing things from sources you don’t absolutely trust on your computer.

If you see this, hit the back arrow and find your information elsewhere.

Comments
This is a test