“Font Wasn’t Found” Google Chrome Malware Scam

February 22, 2017

It’s a Trap!

Users are being shown a message telling them that a font needed to read the blog is missing and that they must update the Chrome font pack to get it. Just don’t download and install it. It’s a trap!

Hackers and scammers are targeting Google Chrome users with a scam that is incredibly easy to fall for: it asks users to download a fake Google Chrome font pack update in order to trick them into installing malware on their systems.

Security experts call it the “The ‘HoeflerText’ font wasn’t found” scam.

Security firm NeoSmart Technologies recently identified the malicious campaign while browsing an unnamed WordPress website that had allegedly already been compromised, possibly due to failing to apply timely security updates.

The hackers have been trying for a long time to infect users in many different regions with malware.

The hackers are inserting JavaScript into poorly secured but legitimate websites to modify the text rendering on them, which causes the sites to look jumbled, with mis-encoded text containing symbols and other random characters.

So if Chrome users come across such websites from a search engine result or social media site, the script makes the website unreadable and prompts them to fix the issue by updating their ‘Chrome font pack.’

The prompt window says: “The ‘HoeflerText’ font wasn’t found,” and you’re then asked to update the “Chrome Font Pack.” If clicked, it actually installs a malware trojan on your machine.

How to detect the scam:

First of all, the dialog window has been hard-coded to show that you are running Chrome version 53 even if you actually aren’t, which might be a clue that something is not right.

Secondly, there’s an issue with the filenames: Clicking the “Update” button proceeds to download an executable file titled “Chrome Font v7.5.1.exe.” But this file is not the one shown in the malicious instruction image, which reads “Chrome_Font.exe.”
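The two tells above can be written as a small consistency check. This is an added example, not code from the original article or from NeoSmart Technologies; the function names, the field names, the sample dialog text and the User-Agent string are constructed for illustration, and the third check (a "font" delivered as something other than a font file) goes beyond the two clues the article lists.

```javascript
// Added example: checks a "missing font" prompt against the tells described above.
// Function names, field names and sample values are assumptions made for illustration.
const FONT_EXTENSIONS = new Set(["ttf", "otf", "woff", "woff2"]);

// Major Chrome version from a User-Agent string, or null if absent.
function chromeMajorFromUA(userAgent) {
  const m = /\bChrome\/(\d+)\./.exec(userAgent);
  return m ? Number(m[1]) : null;
}

// Major version a dialog claims, e.g. "Chrome version 53" -> 53.
function claimedChromeMajor(dialogText) {
  const m = /Chrome\s+(?:version\s+)?(\d+)/i.exec(dialogText);
  return m ? Number(m[1]) : null;
}

function extensionOf(filename) {
  const dot = filename.lastIndexOf(".");
  return dot < 0 ? "" : filename.slice(dot + 1).toLowerCase();
}

function checkFontPrompt({ dialogText, userAgent, instructedFilename, downloadedFilename }) {
  const findings = [];
  const real = chromeMajorFromUA(userAgent);
  const claimed = claimedChromeMajor(dialogText);
  // Tell 1: the dialog reports a version the browser is not actually running.
  if (real !== null && claimed !== null && real !== claimed) {
    findings.push(`version-mismatch: dialog claims ${claimed}, browser is ${real}`);
  }
  // Tell 2: the file that downloads is not the file the instructions show.
  if (instructedFilename.trim().toLowerCase() !== downloadedFilename.trim().toLowerCase()) {
    findings.push(`filename-mismatch: "${instructedFilename}" vs "${downloadedFilename}"`);
  }
  // Added check: a font update should deliver a font file, not a program.
  if (!FONT_EXTENSIONS.has(extensionOf(downloadedFilename))) {
    findings.push(`not-a-font: .${extensionOf(downloadedFilename)} download offered as a font`);
  }
  return findings;
}

// Constructed sample using the version and filenames quoted in the article.
const sample = {
  dialogText: "The 'HoeflerText' font wasn't found. Chrome version 53",
  userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36",
  instructedFilename: "Chrome_Font.exe",
  downloadedFilename: "Chrome Font v7.5.1.exe",
};
console.log(checkFontPrompt(sample));
```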

