A new Google Chrome hack now tricks users into thinking there’s something wrong with their browser, and gets them to download malware from a malicious website.
Dubbed the “missing font” hack, the cybercriminals use a fake browser prompt to tell users that they need to download the missing font, and offers a blue update button.
What happens first is that you see gibberish on your screen when you open a Google Chrome window. A warning prompt then appears – well-designed and legitimate-looking – and tells you that the “Hoeflet Text” font is missing, making you believe that’s why the screen is covered with undecipherable symbols and numbers.
When you click on the “Update” button on the warning prompt, a file is downloaded. The scary part is that neither Chrome nor Windows Defender can identify this file as being malware. Once in, the malware can access your core Windows system files.
You may get an alert right before downloading the file, which says something like “this file isn’t downloaded very often,” according to security researcher Mahmoud Al-Qudsi, who first spotted the hack on a compromised WordPress website.
What’s alarming about this hack is that it looks genuine for the most part – the page not rendering properly, the warning prompt and even the Update button all look authentic. But Al-Qudsi says that users can see anomalies if they look carefully enough. For example, the warning prompt box itself is a little blurred, and the Chrome logo also gives away the game to the wary eye.
The clever hackers appear to have done a very good job designing the prompt and so on, but it’s not perfect, apparently.
But what about those whose computers have already been infected? Al-Qudsi says only nine of a total of 59 antivirus programs were able to scan and identify the downloaded file as being malware. Among these antivirus makers are Symantec, CrowdStrike, Fortinet and Malwarebytes.
MalwareTips shows us how the malware – possibly a form of adware – can be removed from your system so the warning prompt doesn’t keep popping up over and over again when you’re browsing.
To remove “The HoeflerText font wasn’t found” pop-up on Google Chrome, follow these steps:
- STEP 1: Use AdwCleaner to remove adware from the computer
- STEP 2: Scan and clean your computer with Malwarebytes
- STEP 3: Double-check for malicious programs with HitmanPro
- (OPTIONAL) STEP 4: Reset your browser to default settings
Using Malwarebytes, you can scan and clean you computer, removing this and other known malware completely from your system.
Security awareness is key when you’re browsing the Internet. When downloading software, read and understand what you’re agreeing to. Additionally, a lot of software typically comes with optional downloads that are selected by default. Unselect those if you don’t need them.
In general, greater awareness about your security online leads to fewer instances of cybersecurity attacks. Make sure you have the right tools, and make sure that those tools are up to date all the time. Whether it’s an operating system or a piece of software or even a browser like Google Chrome or Microsoft Edge, make sure you’re on the latest version at all times. This can often be the critical line of defense between you and the hacker.
Be Smart Online; Be Safe Online.
Thanks for reading our work! Please bookmark 1redDrop.com to keep tabs on the hottest, most happening tech and business news from around the world. On Apple News, please favorite the 1redDrop channel to get us in your news feed.