A new and sophisticated hacking method is gaining traction, targeting users through Chrome’s Kiosk Mode. This attack strategy takes advantage of Chrome’s full-screen mode to trap users on a fake Google login page. Once trapped, users are prompted to enter their Google credentials, which are then captured by the attackers. The result is stolen login information that could lead to compromised Gmail and associated accounts.
According to a report from OALabs, the method involves a two-part attack. First, a Windows application presents a counterfeit Google login page within Chrome. The app then activates Chrome’s Kiosk Mode, which locks the browser in full-screen mode and blocks the usual ways out of it, such as switching to other programs or pressing the F11 key that normally toggles full-screen mode. This restriction is designed to trap users on the fake page.
Users are only able to interact with the dummy login page, where they are prompted to enter their Google username and password. Once entered, this information is intercepted by a separate program controlled by the hacker. The immediate risk is that the hacker could change the user’s password, thereby locking them out of Gmail and any services linked to their Google account.
This method is particularly alarming because of its direct approach and potential to affect users beyond Chrome, as other browsers with similar Kiosk Mode features could also be exploited. The attack represents a clever blending of social engineering and technical manipulation to deceive users into revealing sensitive information.
To protect against this type of attack, users should exercise caution when downloading programs and be wary of unexpected full-screen login prompts. If such a situation arises, it’s crucial to exit the full-screen mode and run a virus scan to ensure the system is secure.
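The mechanism described above (a Windows program launching Chrome in Kiosk Mode against a sign-in page) leaves a footprint that endpoint telemetry can catch, which complements the user-side advice just given. The following is an added detection example written for this page; it is not code from OALabs or from the report. It assumes a simple constructed process-creation log format, an allowlist of hosts an organization has deliberately deployed in kiosk mode, and a set of parent processes that normally start Chrome for a user; all three are assumptions, not facts from the article. Chrome's `--kiosk` command-line switch is real; the log lines, hosts and process names are constructed samples.

```python
import re
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlparse

# Constructed sample process-creation log (not real telemetry).
# Assumed line format: "<timestamp> parent=<name> image=<name> cmd=<command line>"
SAMPLE_LOG = r"""
2024-09-15T10:01:02Z parent=explorer.exe image=chrome.exe cmd="C:\Program Files\Google\Chrome\Application\chrome.exe" https://mail.google.com/
2024-09-15T10:02:17Z parent=updater.exe image=chrome.exe cmd="C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk https://accounts.google.com/signin
2024-09-15T10:02:50Z parent=explorer.exe image=chrome.exe cmd="C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk https://signage.corp.example/board
2024-09-15T10:03:40Z parent=setup.exe image=chrome.exe cmd="C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk --disable-session-crashed-bubble http://fake-login.example/login.html
2024-09-15T10:04:05Z parent=winlogon.exe image=notepad.exe cmd=notepad.exe
"""

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+parent=(?P<parent>\S+)\s+image=(?P<image>\S+)\s+cmd=(?P<cmd>.*)$")
KIOSK_FLAG = re.compile(r"(?:^|\s)--kiosk(?=\s|=|$)")  # Chrome's real full-screen kiosk switch
URL_RE = re.compile(r"""https?://[^\s"']+""")

# Assumed deployment policy: hosts intentionally shown in kiosk mode (e.g. lobby signage).
ALLOWED_KIOSK_HOSTS = {"signage.corp.example"}
# Assumed: parents that normally start Chrome for an interactive user.
EXPECTED_PARENTS = {"explorer.exe", "chrome.exe"}
# Sign-in hosts that a legitimate kiosk deployment has no reason to pin full-screen.
LOGIN_HOSTS = {"accounts.google.com"}


@dataclass
class Alert:
    timestamp: str
    parent: str
    url: str
    reasons: tuple


def analyze_line(line: str) -> Optional[Alert]:
    """Return an Alert for a suspicious Chrome kiosk launch, else None."""
    m = LINE_RE.match(line.strip())
    if not m or m["image"].lower() != "chrome.exe":
        return None
    cmd = m["cmd"]
    if not KIOSK_FLAG.search(cmd):
        return None  # ordinary Chrome launch, not kiosk mode

    urls = URL_RE.findall(cmd)
    url = urls[0] if urls else ""
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    path = parsed.path.lower()

    reasons = []
    if host not in ALLOWED_KIOSK_HOSTS:
        reasons.append("kiosk destination not on allowlist")
    if m["parent"].lower() not in EXPECTED_PARENTS:
        reasons.append(f"unexpected parent process {m['parent']}")
    if host in LOGIN_HOSTS or any(w in path for w in ("login", "signin")):
        reasons.append("kiosk launch targets a sign-in page")

    if not reasons:
        return None  # allowlisted kiosk use by an expected parent: benign
    return Alert(m["ts"], m["parent"], url, tuple(reasons))


def scan(log_text: str) -> List[Alert]:
    """Run the kiosk-launch heuristic over every non-empty log line."""
    alerts = []
    for line in log_text.splitlines():
        if line.strip():
            alert = analyze_line(line)
            if alert:
                alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(f"{a.timestamp} parent={a.parent} url={a.url}")
        for r in a.reasons:
            print(f"  - {r}")
```

Run against the constructed log, the two launches that match the article's description (an installer-like parent starting Chrome in kiosk mode on a sign-in page) are flagged with three reasons each, while the allowlisted signage kiosk started by explorer.exe and the non-kiosk Gmail visit are ignored. The heuristic keys on the combination of the kiosk switch, an unexpected parent and a login-looking destination; any single signal on its own is too noisy for most fleets.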