New Malware on the Rise: How It ‘Annoys’ You into a Security Slip-Up

How safe is your team when it comes to online security? Phishing scams, suspicious downloads, and questionable links are often on everyone’s radar, but new malware is upping the game by using frustration as a tactic to capture your Google login credentials.

This #malware, currently unnamed, is part of the "Amadey" family—a known malware type that’s been gaining traction since August. Unlike standard #phishing attempts, this malware leverages a method that locks users into “kiosk mode,” frustrating them to the point of giving up their login details.

How the Malware Works: Locked in Kiosk Mode

Kiosk mode is typically used on public or shared computers, allowing access to only one browser window. Once the malware activates this mode, it forces your browser into full-screen view, removing all navigation features, including the address bar, menus, and typical exit options. Users are then redirected to a realistic-looking #Google password reset page, furthering the illusion.

Why Standard Escape Options Won’t Work

Usually, a quick press of the Esc or F11 keys would exit full-screen mode. However, this malware disables those functions, tricking users into thinking they need to enter their password to “unlock” their browser. As soon as a user enters their #credentials, a secondary malware in the background captures the information, sending it directly to #cybercriminals.

How to Escape and Protect Your Credentials

If you find your browser locked in full-screen mode and suspect malware:

• Use ALT+TAB to try switching to another window or application.
• Force Close the Window by pressing ALT+F4.
• End the Task via Task Manager: Press CTRL+ALT+DELETE to open the Task Manager, then end the affected browser task.
• Restart Your PC: As a last resort, hold down the power button to restart or unplug the device if necessary. Seek professional help to ensure the malware is fully removed.

Avoid Suspicious Links

Proactive prevention remains the best defense. Be cautious if your computer starts acting unusually, especially if it enters full-screen mode without your input. Avoid clicking unknown links or opening unsolicited attachments, and never enter your login information unless you’re certain of the website’s legitimacy.

If you’d like assistance in training your team to spot and prevent these kinds of online threats, reach out to Systems X today. We’re here to help keep your organization secure from the latest cyber risks.