New Chrome malware steals your credentials by locking users out of their PC

A new Google Chrome malware is reportedly locking users out of their system and preventing access to other apps. Dubbed ‘StealC’, the malware uses a new technique called “AutoIt Credential Flusher” that forces victims to enter their Google account credentials to use other apps.

Discovered by researchers at OALABS, the technique has been used in the wild since August 22 this year by traditional malware loaders and info-stealing tools like Amadey.

How does the malware lock Google Chrome users in a fullscreen window?

According to the research, StealC uses Chrome’s Kiosk Mode feature, which locks the system in a fullscreen Chrome window and disables both the F11 and Esc keys. In case you are unaware, Kiosk Mode is a Chrome feature often used on public kiosks and demo terminals to limit user interaction.
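
A defender-side way to spot the kiosk-mode launch described above, as an added example (not from the original article or the OALABS research): it scans process-creation events for a browser started with Chrome's `--kiosk` switch by a parent that is not an expected kiosk launcher. The event field names, sample events, URL and allowlisted parent name are constructed for illustration.

```python
import shlex
from pathlib import PureWindowsPath

BROWSERS = {"chrome.exe", "msedge.exe"}
# Assumption: parent processes this environment expects to start a kiosk browser.
EXPECTED_KIOSK_PARENTS = {"kioskshell.exe"}
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"


def ev(parent, args=""):
    """Build a constructed process-creation event (field names are hypothetical)."""
    return {"parent_image": parent, "image": CHROME,
            "command_line": f'"{CHROME}" {args}'.strip()}


# Constructed sample events, not taken from any real incident.
SAMPLE_EVENTS = [
    ev(r"C:\Windows\explorer.exe"),                                   # normal start
    ev(r"C:\Users\a\AppData\Local\Temp\AutoIt3.exe",
       "--kiosk https://login.example.test/signin"),                  # suspicious
    ev(r"C:\Kiosk\KioskShell.exe", "--kiosk https://menu.example.test"),  # expected
    ev(r"C:\Windows\explorer.exe", "--kiosk-printing"),               # different switch
]


def check_event(event):
    """Return a finding for an unexpected kiosk-mode browser launch, else None."""
    image = PureWindowsPath(event["image"]).name.lower()
    if image not in BROWSERS:
        return None
    # posix=False keeps Windows backslashes intact; quotes stay on the tokens.
    args = [a.strip('"') for a in shlex.split(event["command_line"], posix=False)]
    # Exact match, so related switches such as --kiosk-printing do not trigger.
    if "--kiosk" not in (a.lower() for a in args[1:]):
        return None
    parent = PureWindowsPath(event["parent_image"]).name.lower()
    if parent in EXPECTED_KIOSK_PARENTS:
        return None
    url = next((a for a in args[1:] if not a.startswith("-")), None)
    return {"browser": image, "parent": parent, "url": url}


def scan(events):
    """Return findings for every event that looks like a forced kiosk launch."""
    return [f for f in map(check_event, events) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```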
