New Malware Locks Browser in Kiosk Mode and Forces Users to Hand Over Google Password

| Updated on September 20, 2024

According to a report by Bleeping Computer, a new malware campaign has come forward that locks users in the browser’s Kiosk mode to frustrate users and trick them into entering their Google credentials, which are stolen by the information-stealing software.

The malware locks the user’s browser on Google’s login page with no obvious way back, as both the “ESC” and “F11” keyboard keys are blocked. Once users are frustrated and enter their credentials, the information is saved and sent to the attacker using the StealC information-stealing malware.

A new report from OALABS, which discovered this new attack, revealed that it has been in use since August of this year, and it relies on the Amadey malware loader, info-stealer, and system reconnaissance tool, which was first deployed in 2018.

Similar to other viruses, Amadey is spread through malicious attachments, malicious ads, pirated software, and malicious files. 

However, OALABS hasn’t specified the exact infection chain used in this new attack in its report.

How to Get Out of Kiosk Mode?

If you find yourself in this situation of getting locked in kiosk mode, where F11 and Esc are no help, you must not give in or enter your credentials at any cost.

Try other hotkey combos like ‘Alt + F4’ (closes an app), ‘Ctrl + Shift + Esc’ (opens task manager), ‘Ctrl + Alt + Delete’ (lets you close an app or reboot your computer), and ‘Alt + Tab’ (switches apps).

Press ‘Win Key + R’ to open the Windows command prompt, type ‘cmd’, and then kill Chrome by entering ‘taskkill /IM chrome.exe /F.’

If nothing seems to work out, hold down the power button on Windows laptops until your computer completely shuts down. Then, press F8 as you boot your computer and select Safe Mode. When you are back in the system, run an antivirus scan to locate the malware.

Akriti Rana

Tech Journalist