New Chrome scam injects a malicious font update into your PC
Updated on January 16, 2024
Security firm Proofpoint uncovered a scam last month that could push a malicious script onto Google Chrome for Windows, infecting your computer. A month later, the scam remains unaddressed. Cybersecurity experts are now warning Chrome users about the persistent malware, which arrives disguised as a font update for the browser.
The malicious script specifically targets insecure web pages by rewriting the compromised page in the affected Chrome browser. The technique is a form of social engineering: it makes the web page hard to read so that the page appears to have a font problem.
Attackers will then lure users into downloading and installing the fake font update to resolve the problem. Proofpoint explained the scam:
The pages are rendered unreadable by storing all the data between HTML tags in an array and iterating over them to replace them with “”, which is not a proper ISO character; as a result, the replacement character � [9] will be displayed instead.
Attackers then present the user with a window that provides details of the “issue” and a “solution.” In reality, the supposed solution is the fake font update pack that contains malware. The security company added:
We believe this campaign began on December 10, 2016; since that time, the downloaded executable “Chrome_Font.exe” is actually a type of ad fraud malware known as Fleercivet.
At this stage, users will remain uninfected if they do not execute the downloaded file.
Proofpoint said last month that while the scam was not new, it was notable for merging social engineering and targeting of Chrome users. The security firm warned about other forms of threats where attackers could exploit the human factor and trick users into loading the malware themselves.
Have you encountered this scam over the past couple of weeks? How did you go about it? Share your thoughts in the comments.
And if you happen to see the “HoeflerText font wasn’t found” message prompting you to download a file, keep in mind that it’s nothing more than a scam.
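A detection heuristic for the pattern described above, as an added example that is not code from Proofpoint or from this article: it scores a saved snapshot of a rendered page for a high share of replacement characters combined with the font lure or a link to an executable. The 0.3 threshold, the function and class names, and both sample pages are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

REPLACEMENT = "\ufffd"  # the replacement character the quoted analysis describes
LURE_TERMS = ("hoeflertext", "font wasn't found")  # wording of the lure named in the article
MIN_RATIO = 0.3  # assumed threshold: share of visible characters that are U+FFFD

class Snapshot(HTMLParser):
    """Collects visible text and links to .exe files from a rendered-DOM snapshot."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.text, self.exe_links, self._hidden = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._hidden += 1
        href = dict(attrs).get("href") or ""
        if tag == "a" and href.lower().split("?")[0].endswith(".exe"):
            self.exe_links.append(href)

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._hidden:
            self._hidden -= 1

    def handle_data(self, data):
        if not self._hidden:
            self.text.append(data)

def assess(html):
    """Flag a page only when garbling coincides with a font lure or an .exe link."""
    snap = Snapshot()
    snap.feed(html)
    snap.close()
    visible = "".join(snap.text)
    chars = [c for c in visible if not c.isspace()]
    ratio = chars.count(REPLACEMENT) / len(chars) if chars else 0.0
    lowered = visible.lower().replace("\u2019", "'")  # normalise curly apostrophes
    lures = [t for t in LURE_TERMS if t in lowered]
    garbled = ratio >= MIN_RATIO
    return {"ratio": round(ratio, 2), "garbled": garbled, "lures": lures,
            "exe_links": snap.exe_links,
            "suspicious": garbled and bool(lures or snap.exe_links)}

# Constructed samples, not captured traffic.
LURE_PAGE = ("<html><body><h1>" + REPLACEMENT * 12 + "</h1><p>" + REPLACEMENT * 40 + "</p>"
             "<div>The \"HoeflerText\" font wasn't found. "
             "<a href='/download/Chrome_Font.exe'>Update</a></div></body></html>")
CLEAN_PAGE = "<html><body><p>Quarterly report: caf\ufffd menu updated.</p></body></html>"

if __name__ == "__main__":
    for name, page in (("lure", LURE_PAGE), ("clean", CLEAN_PAGE)):
        print(name, assess(page))
```

The clean sample contains a single mis-encoded character and stays below the threshold, so an ordinary encoding slip is not reported.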
Radu Tyrsina