Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Malware Masking Chrome Font Update on the Prowl


The increasingly mischievous hackers have devised one fresh medium for hacking into Chrome by which end-users would be downloading certain font that's usually not there, while actually get duped into planting malicious software onto their computers.


The foremost discoverer of the infection is Mahmoud Al-Qudsi from NeoSmart Technologies a cyber security company. The company gives a thorough explanation of the assault. First, hackers chiefly employ malicious JavaScript for manipulating the text material so that it appears similar to incorrectly encoded text rather than the original matter. Thereafter, the script encourages end-users for resolving the problem via making Chrome's font package up-to-date.


The missive arrives through a popup that tells that the font namely 'HoeflerText' was not found, therefore, end-users require taking down certain update onto their PCs. But, really the update happens to be malware.


Research Director Tod Beardsley from Rapid7 a cyber-security specialist writes that the popup missive, certain malware bait attacks end-users of Google Chrome who are running Windows OS, while keeps on spreading through compromised WordPress websites. He notes that there are plentiful design elements at the point other malware baits become unsuccessful. The popup missive masks like one apparently legitimate popup coming via Chrome Web-browser, Beardsley elaborates. Bgr.com posted this, February 22, 2017.


It was 10th December 2016 when the malware attack started, says Proofpoint that also says the sinister text font update is an advert fraud malicious program called Fleercivet.


Moreover, whereas pressing on 'Update' button will result in the download of one particular file named "Chrome Font v7.5.1.exe" that name does not correspond to the one exhibited inside the sinister guidelines graphic that reads "Chrome_Font.exe."


Further to his writing, Tod Beardsley states that the attacks seem as confined to hijacked WordPress websites, an area which's sadly full of targets. Chrome users require knowing that lawful alerts which the browser issues won't ever occur like any page's overlay. In particular, Chrome doesn't have the functionality of suggesting any missing font updating, thus every such suggestion actually comes from malvertising campaign alternatively malicious software.


Chrome Web-browser on Windows PCs inside U.K, USA, Canada and Australia is getting targeted.

» SPAMfighter News - 27-02-2017

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page