This Malware Tricks You into Giving Up Your Login Details
How vigilant is your team when it comes to online security?
Most of us are cautious about phishing scams, sketchy downloads, and those suspicious-looking links. But a particularly sneaky new type of malware (short for “malicious software”) has emerged, aiming to irritate users into surrendering their Google login information.
This malware, part of a broader threat known as “Amadey” that’s been gaining ground since August, doesn’t yet have a catchy name. It works by forcing your PC into “kiosk mode”—a setting often used on public machines that restricts access to just one window. This mode locks your browser in full screen, hiding essential navigation elements like the address bar and menus. Then, it directs you to a fake Google password reset page.
Normally, you’d think of hitting Esc or F11 to exit full screen mode. However, once this malware is in your system, those shortcuts won’t work. Its goal is to convince you that you must enter your password to resolve the issue.
The fake password reset page closely mimics Google’s, but the moment you input your details, they’re instantly captured by a second piece of malware in the background, handing them directly to cybercriminals.
Sound alarming?
There’s good news: You can escape without entering your credentials.
If you find your browser stuck in full screen mode, try pressing ALT+TAB to switch tasks, ALT+F4 to close the window, or use the task manager (CTRL+ALT+DELETE) to shut it down.
If nothing works, a hard reboot (holding down the power button or unplugging) should do the trick. Then, let an expert (like us) check your device for malware.
Of course, prevention is always better. If your computer starts acting up—particularly if your browser goes full screen and won’t let you navigate away—take notice. Avoid clicking unknown links or downloading unfamiliar attachments. And as frustrating as it might be to get locked in an endless loop, never enter your password unless you’re entirely confident the site is legitimate.
Would you like us to help your team stay protected against the latest threats? Contact us to learn more.
