Before you panic: 6 things to remember about Android security
Full coverage |
Full coverage |
Con artists pushing tech-support scams have an arsenal of ways to lock up the browsers of potential marks. On Tuesday, a researcher disclosed a new weapon that freezes Google Chrome, which, by most measures, is the Internet’s most widely used browser.
The point of all the techniques is to render a browser unusable immediately after it displays a fake error message reporting some sort of security breach. Given the appearance of a serious crash that can’t be fixed simply by exiting the site, end users are more likely to be worked into a panic and call the phone number included in the warning. Once called, the scammers—posing as representatives from Microsoft or another legitimate company—stand a better chance of tricking the caller into providing a credit card number in return for tech support to fix the non-existent security problem. The scams are often transmitted through malicious advertisements or legitimate sites that have been hacked.
A new technique reported by security provider Malwarebytes works against Chrome by abusing the programming interface known as the window.navigator.msSaveOrOpenBlob. By combining the API with other functions, the scammers force the browser to save a file to disk, over and over, at intervals so fast it’s impossible to see what’s happening. Within five to 10 seconds, the browser becomes completely unresponsive. Users are left viewing a page that looks like the left side of this image:
Read 8 remaining paragraphs | Comments
ABC Online |
China Ambassador Cheng Jingye accuses ABC, Fairfax of stirring up 'panic'
ABC Online Prime Minister Malcolm Turnbull ordered a major inquiry into the nation's espionage and foreign interference laws following the investigation, and Labor is calling for a parliamentary inquiry. But Ambassador Cheng Jingye argued it was a "sensational … |
TechRadar |
Useless WannaCry security apps prove you shouldn't download in a panic
TechRadar You've probably heard of WannaCry – it's a piece of ransomware that has infected medical computer systems, big business databases and many other platforms. It's not on your Android phone though – so don't download any apps claiming to protect your … |