A newly discovered malware targets users, locks their Google Chrome in kiosk mode and remains in this state until the user obtains their password. Furthermore, this situation occurs when users step away from their computers for a short period of time. When users return to their computers, they find that Chrome is locked in kiosk mode and the Esc and F11 keys on the keyboard no longer work. So what is the solution to this situation?

Behind this situation, which has recently come to light and the examples of which are growing, lies malware designed to steal users’ Google passwords and other credentials. According to BleepingComputer, the malware in question is designed to trick users into entering their passwords in order to take their browsers out of kiosk mode. When users enter their passwords, they are not only giving up their Google credentials, but also causing other passwords stored in the browser to be captured and gain control of their online accounts. They make sure it is passed on to malicious people..

So what is this kiosk mode?

To summarize what kiosk mode is, kiosk mode is basically a special configuration used by both browsers and applications to limit user interaction and is usually run in full screen. It is often used by electronic retailers to display devices, because in this mode they show the device’s features and at the same time do not allow users to interact directly with the device.

According to the report published by OALABS in August, this type of attack method has been used since the beginning of this year. often used by hackers. These attacks were carried out using the Amadey malware installer, which was first introduced in 2018. Like other malware, Amadey is often distributed via malicious plugins, advertisements, and malicious files. While the OALABS report was unable to detail the full infection chain of this new attack, such infection methods can force your browser to go into kiosk mode.

How do we protect our computer from this malware?

The question is of course what to do if this situation occurs. Although the reports do not offer a definitive solution for the time being, they do underline that you should definitely not try to enter login data. Furthermore, since it is usually sent via plugins and malicious files, the plugins and plug-ins that you use in your browser that the files you download are safe You must know for sure.

So what do you think about this issue? Have you come across a similar situation? You can share your thoughts with us in the comments section below.