Researchers have recently uncovered a new malware campaign involving StealC, a malicious program that tricks Chrome browser users into revealing their Google account passwords.
Images: Getty/iLexx
The malware, Stealc, traps users in a frustrating scenario by locking the browser in "kiosk mode"—a full-screen mode that disables common keys like F11 and ESC, which would usually help users exit. When the browser is in kiosk mode, all users see is a Google login page, making them think they need to re-enter their account details to proceed. Many frustrated users fall for this and type in their credentials.
Unlike traditional malware that directly steals login information, StealC uses a different approach. It relies on a "credential flusher," a method that forces users to enter their account details themselves. Once the victim enters their Google credentials, the StealC malware then collects these passwords from the Chrome browser’s credential store. The malware is part of a larger campaign that starts with the Amadey hacking tool, which has been used for several years to load various types of malware. In this case, Amadey installs both the credential flusher and StealC to carry out the attack.
Image: Shutterstock
This technique is particularly effective because it plays on user frustration. When people feel trapped in full-screen mode with no obvious way out, they are more likely to enter their login details just to regain control of their browser. Researchers have found that this tactic has been in use since at least August 2024, and it primarily targets Google accounts, which hold valuable information like Gmail access, personal data, and even crypto-wallet passwords.
Fortunately, there are ways to escape kiosk mode without giving in to the malware. Users can try several keyboard shortcuts like Alt + F4, Ctrl + Shift + Esc, or Ctrl + Alt + Delete to access the Task Manager and force Chrome to close. Another option is using the Win Key + R combination to open a command prompt, where users can type “taskkill /IM chrome.exe /F” to shut down the browser. If all else fails, performing a hard reboot by pressing the power button and then scanning for malware in Safe Mode can also help.
Image: Freepik
To avoid falling victim to malware like StealC, experts recommend being cautious about unusual browser behavior, avoiding downloading software from untrusted sources, and regularly updating security tools. Running full system scans and staying informed about current threats can help users protect their accounts and devices from this type of attack.
Comments