Following reports that compromised websites are prompting Google Chrome users to download “missing font” malware, Tod Beardsley, Research Director at Rapid7, commented below.
Tod Beardsley, Research Director at Rapid7:
“The ‘HoeflerText font not found’ malware lure, which targets Google Chrome users on Windows, continues to make the rounds via compromised WordPress sites. This attack was first documented by researchers at Proofpoint in mid-January, and gets a lot of design elements right where other malware lures fail. The prompt is disguised as a seemingly legitimate popup sourced from the browser.
So far, the attacks appear to be limited to compromised WordPress sites — a field that is, unfortunately, rich with targets. While most WordPress vulnerabilities are actually found in non-standard WordPress plugins, a rather serious vulnerability was patched in the 4.7.2 release of the WordPress core engine in late January.
Operators of WordPress sites are urged to patch up to at least version 4.7.2 as soon as possible, since the vulnerability discovered by Sucuri can be exploited by attackers to arbitrarily rewrite any post hosted on a WordPress site, including the ability to inject malware lures such as the missing HoeflerText font attack.
Chrome users should be aware that legitimate warnings from the Chrome browser will never appear as overlays to a web page. Specifically, Chrome does not offer any functionality for prompting for a missing font download, and all such prompts are sourced from malware or malvertising campaigns. In the rare cases the browser needs to communicate a security or misconfiguration warning to the user, these warnings will appear as a full, replacement page, such as the familiar “Your connection is not private” warning for misconfigured SSL certificates.”
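The comment above describes two defensive checks a WordPress operator can act on: confirm the core version is at least 4.7.2, and look through stored post content for the injected lure (a fake “font not found” overlay rather than a genuine browser page). The script below is an added example and is not code from Rapid7, Proofpoint or WordPress. The indicators it searches for (the “HoeflerText” string, “font … not found” text, an inline `<script>` tag and a fixed-position overlay style) are assumptions drawn from the lure as described, and the sample posts are constructed for illustration; in practice the post bodies would come from the `wp_posts` table or the WordPress REST API.

```python
"""Check a WordPress site for the two conditions discussed above:
an unpatched core (older than 4.7.2) and posts carrying an injected
"missing font" lure overlay.

Added example, not the page's or any vendor's code. The indicator
patterns are assumptions based on the lure's description; tune them
to what you actually see in compromised content.
"""
import re
from typing import Dict, List, Tuple

# Version named in the comment above as carrying the fix.
MIN_PATCHED: Tuple[int, int, int] = (4, 7, 2)

# Indicator patterns (assumptions, see module docstring).
LURE_STRING = re.compile(r"hoeflertext", re.I)
FONT_PROMPT = re.compile(r"\bfont\b[^<]{0,40}?\bnot\s+found", re.I)
INLINE_SCRIPT = re.compile(r"<script\b[^>]*>", re.I)
OVERLAY_STYLE = re.compile(r"position\s*:\s*fixed", re.I)


def parse_version(version: str) -> Tuple[int, int, int]:
    """Turn '4.7' or '4.7.1' into a comparable (major, minor, patch) tuple."""
    nums = [int(p) for p in version.strip().split(".")[:3]]
    while len(nums) < 3:
        nums.append(0)
    return nums[0], nums[1], nums[2]


def needs_patch(version: str) -> bool:
    """True when the running core is older than the 4.7.2 fix release."""
    return parse_version(version) < MIN_PATCHED


def lure_indicators(html: str) -> List[str]:
    """Return the names of every lure indicator present in one post body."""
    hits = []
    if LURE_STRING.search(html):
        hits.append("hoeflertext_string")
    if FONT_PROMPT.search(html):
        hits.append("font_not_found_text")
    if INLINE_SCRIPT.search(html):
        hits.append("inline_script")
    if OVERLAY_STYLE.search(html):
        hits.append("fixed_overlay")
    return hits


def is_suspicious(indicators: List[str]) -> bool:
    """Flag lure-specific text on its own, but require script AND overlay
    together, since legitimate posts often embed a lone <script> tag."""
    if "hoeflertext_string" in indicators or "font_not_found_text" in indicators:
        return True
    return "inline_script" in indicators and "fixed_overlay" in indicators


def suspicious_posts(posts: List[Dict]) -> List[Dict]:
    """Scan a list of {'id', 'content'} posts and report the suspicious ones."""
    report = []
    for post in posts:
        hits = lure_indicators(post["content"])
        if is_suspicious(hits):
            report.append({"id": post["id"], "indicators": hits})
    return report


# Constructed sample posts (not real site data).
SAMPLE_POSTS = [
    {"id": 1, "content": "<p>Welcome to our blog. New articles every week.</p>"},
    {"id": 2, "content": (
        "<p>Our latest product update is out.</p>"
        "<script>window.onload=function(){showFontPrompt();}</script>"
        "<div style=\"position:fixed;top:0;left:0;width:100%\">"
        "The \"HoeflerText\" font was not found. Click to update the font pack."
        "</div>")},
    {"id": 3, "content": (
        "<p>See the chart below.</p>"
        "<script src=\"https://example.com/embed.js\"></script>")},
]

if __name__ == "__main__":
    for v in ("4.7.1", "4.7.2", "4.8"):
        print(f"WordPress {v}: {'needs patch' if needs_patch(v) else 'ok'}")
    for entry in suspicious_posts(SAMPLE_POSTS):
        print(f"post {entry['id']} suspicious: {', '.join(entry['indicators'])}")
```

Post 3 carries an external script but no overlay or lure text, so it is not flagged; post 2 trips every indicator. The version check is deliberately simple and does not cover the 4.7.x branch versus later branches beyond a plain tuple comparison, which is enough for the single threshold the comment names.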