Hackers are using full-screen Chrome to steal Google passwords

google login hack laptopImage: Mark Knapp / IDG

There’s a new hacking method making the rounds and it’s as clever as it is annoying. According to a new report, attackers are using the Kiosk Mode of Chrome to put the browser into full-screen mode, which then refuses to let you do anything else until you input your Google password. At that point, of course, your password is stolen.

A report from OALabs observes this novel attack vector for stealing Google credentials. It’s really a combination of two techniques.

First, a Windows program loads up a dummy Google login page in Chrome and then activates Kiosk Mode. This is a UI feature that shows a page in full screen and won’t let you navigate to other programs — exactly the sort of thing you’d see at a self-service retail kiosk. Even advanced users might have trouble getting around this because it disables some inputs (like F11 to exit full-screen mode).

But the only thing you can do on the dummy page is put in a Google login and password. Once you do, another program grabs said login data and squirrels it away to a remote hacker. In the worst-case scenario, the hacker then changes your password, immediately locking you out of Gmail and any other accounts associated with that information, including third-party services that use Google’s login platform.

It’s a devious little one-two punch for identity thieves. While the tool has been observed going after Chrome specifically, it’s capable of using other browsers with similar implementations of Kiosk Mode to do the same.

Savvy Windows users might be able to circumvent the login prompt — the good ol’ Ctrl + Alt + Delete keyboard shortcut should still get you into the Task Manager where you can shut down the browser, for example. But this combination of tools is so direct and so annoying that even long-time PC users might just input their Google passwords out of reflex.

As always, be careful when you download anything and be mindful of where you’re downloading it from. And if you ever see a full-screen Google login page unexpectedly, the first thing you should do (after escaping it) is run a good virus scan.

Further reading: The best antivirus software for Windows

Michael is a 10-year veteran of technology journalism, covering everything from Apple to ZTE. On PCWorld he’s the resident keyboard nut, always using a new one for a review and building a new mechanical board or expanding his desktop “battlestation” in his off hours. Michael’s previous bylines include Android Police, Digital Trends, Wired, Lifehacker, and How-To Geek, and he’s covered events like CES and Mobile World Congress live. Michael lives in Pennsylvania where he’s always looking forward to his next kayaking trip.

Recent stories by Michael Crider:

LinkedIn is training AI with your data. Here’s how to opt out ASAP‘PKfail’ Secure Boot disaster just went from bad to worseYouTube vows to protect creators from AI fakes

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注