Wednesday, September 02, 2015

Another silly Chrome hijack scareware attack; also, Mac offers a big security update to OS 10.10


Late last night, on my HP Envy under Windows 8.1, I observed another Chrome hack, when I was on a troubleshooting site called Wikiguga, investigating a spurious error when I installed a new iMovie on my MacBook (for what it’s worth, the iMovie still works OK). All of this, by the way, came as a supplement to Mac OS 10.10.5, OS Yosemite, which included a new iTunes, and is supposed to have major security improvements, possibly to address issues covered last month; the whole process took about 30 minutes and did consume some of my time!
I suddenly got one of those red-and-white “System Error” web pages (on the Envy) with a female voice (sounding like a hooker) advising me to call the 800 number at the bottom to release the page lock (and pay on a credit card, to be sure).  The History trace shows that the Wikiguga got redirected to “adcash.com” (an apt name), and then to “jz1sf.internet-security-alert.com”.

The rest of the computer worked OK, just Chrome was locked. So I pressed the power button twice and “restarted” Windows 8.1. This time, when Chrome came up, Chrome, curiously, did NOT say it had not been properly shut down, and Chrome did not invite me to visit the fake site again.
Why doesn’t Google Chrome fix the browser so it can’t be hijacked by a malicious website redirect?

A Webroot Secure Anywhere scan (after a full “correct” restart) was clean and showed no executables had been loaded.

So this is a very transparent and silly kind of hack (probably from Russia or eastern Europe) that would work only on the most gullible. I don’t know if the FBI dedicates any resources to stopping these. Maybe it’s part of Vladimir Putin’s way of getting young Russian dads some income.
