Recently a Google Chrome scam has been observed that can infect a computer with crafty malware.
This scam, called “Font wasn’t found”, involves malware that changes website text into missing objects so that it appears as if the font is missing from the website. This fake font update is hosted on compromised websites that are running outdated, unpatched software or plugins. Upon visiting a compromised site, a “HoeflerText font wasn’t found” popup message appears, intended to trick the user into downloading a font file, disguised as a browser update. Compromised websites are hotspots for hosting malware that waits for unsuspecting website visitors to download and execute it, a.k.a. drive-by downloads.
So, what does the scam do?
Once downloaded, the malicious file injects and rewrites a portion of the script within an insecure website (due to outdated security patches) to generate the fake update, which is used to trick the user into installing the file. Once the malware is installed, it is capable of collecting personal data from the PC as well as browser information such as the websites visited.
How can I identify this scam?
- The text within the dialog window displays a running version of Chrome 53, which you shouldn’t have because you are updating your browser, right? A message showing a lower browser version is one key indicator.
- The file names are also suspicious and inconsistent. Upon clicking the “update” button, the executable file (.exe) is listed as “Chrome Font v7.5.1.exe”. This file is not labelled as “Chrome_Font.exe” like in the malicious instructions.
- Another indicator would be a prompt from Google warning you that “This file isn’t downloaded often” as you try to download the file.
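The first two indicators above, plus the popup wording, can also be checked automatically on the defender's side. The sketch below is an added example, not code from the original article: the event fields (`user_agent`, `page_text`, `download_url`), the sample dialog wording and the `.example` hosts are constructed assumptions, and comparing the claimed version against the User-Agent is one assumed way to test "lower than what you actually run".

```python
import re
from urllib.parse import unquote, urlsplit

LURE = re.compile(r"font wasn.t found", re.I)   # popup wording quoted in the article
CLAIMED = re.compile(r"Chrome (\d+)")            # version the dialog says you run
UA_CHROME = re.compile(r"Chrome/(\d+)")          # version the browser itself reports
EXE_NAME = re.compile(r"[\w.-]+\.exe", re.I)     # file name given in on-page instructions

# Constructed sample events (hypothetical proxy-log fields, reserved .example hosts).
UA = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
      "(KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36")
SAMPLE_EVENTS = [
    {"user_agent": UA,
     "page_text": "The 'HoeflerText' font wasn't found. You are using Chrome 53. "
                  "Run Chrome_Font.exe to install.",
     "download_url": "http://compromised.example/Chrome%20Font%20v7.5.1.exe"},
    {"user_agent": UA,
     "page_text": "Download our installer setup.exe below.",
     "download_url": "https://vendor.example/files/setup.exe"},
]


def triage(event):
    """Return which of the article's indicators one event matches."""
    hits = []
    text = event.get("page_text", "")
    if LURE.search(text):
        hits.append("lure_text")
    # Indicator 1: dialog claims an older Chrome than the User-Agent reports.
    claimed = CLAIMED.search(text)
    actual = UA_CHROME.search(event.get("user_agent", ""))
    if claimed and actual and int(claimed.group(1)) < int(actual.group(1)):
        hits.append("claimed_version_older_than_browser")
    # Indicator 2: downloaded .exe is not the file the page told the user to run.
    name = unquote(urlsplit(event.get("download_url", "")).path).rsplit("/", 1)[-1]
    promised = [p.lower() for p in EXE_NAME.findall(text)]
    if name.lower().endswith(".exe") and promised and name.lower() not in promised:
        hits.append("filename_mismatch")
    return hits


if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["download_url"], "->", triage(ev) or "no indicators")
```

The third indicator, Chrome's “This file isn’t downloaded often” prompt, is shown by the browser itself and so does not appear in this kind of log.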
What are some ways to protect my PC?
Keep your software up-to-date. This is especially true for things like your operating system, security software and Web browser, but also holds true for just about any program that you frequently use. Viruses often take advantage of bugs or exploits in the code of these programs to propagate to the new machine.
It’s also important to avoid taking actions that could put your computer at risk. These include opening unsolicited email attachments, visiting unknown websites or downloading software from untrustworthy websites. Currently, the “Font wasn’t found update” scam is targeting Chrome browsers on Windows PCs.
As always, make sure your PC is protected by running weekly scans, using products like Avast and Malwarebytes Anti-malware.