Scammers Using Firefox Bug to Lock Down Browsers

Scammers Using Firefox Bug to Lock Down Browsers

Some of the most effective online attacks rely on social engineering as much as clever coding. Scammers have started exploiting a bug in Firefox that causes the browser to lock up, pushing users to call a phone number for support. Mozilla is reportedly working on a fix for this issue, but users with less technical knowledge may be unable to get rid of the locked page even after restarting the browser.

This attack is, at its heart, a classic tech support scam. The new wrinkle here is the scam page uses the Firefox bug to make it impossible to ignore. When a user lands on the boobytrapped page while using Firefox, the browser shows a login box that cannot be dismissed. Attempting to close the browser also doesn’t work.

Below the popup, the fraudsters display a message in broken English that reads:

Please stop and do not close the PC… The registry key of your computer is locked. Why did we block your computer? The Windows registry key is illegal. The Windows desktop is using pirated software. The Window desktop sends viruses over the Internet. This Windows desktop is hacked. We block this computer for your safety.

If the victim calls the phone number on the page, they’ll connect with a person claiming to be with Microsoft tech support. However, that’s a scammer who will attempt to trick them into paying money for some product or service they don’t need — in this case, a non-existent Windows license. The only way to close the browser once it’s been locked is to end the process (both Windows and macOS). If you have the misfortune of running Firefox with tab restore enabled, the offending page will just come back the next time you open the browser. In that case, you’d need to disconnect from the network or reset the browser preferences to free yourself.

Scammers Using Firefox Bug to Lock Down Browsers

Unfortunately, many people won’t have enough technical knowledge to clear a browser lock like this, and the odd behavior will convince more users that there is something genuinely wrong, and maybe they ought to call that mysterious number.

Mozilla developers have stated they’re working on a fix that will rollout soon. For now, it’s a good idea to disable tab restore to speed recovery in case you run into a page exploiting this bug.

Continue reading

Review: The Oculus Quest 2 Could Be the Tipping Point for VR Mass Adoption
Review: The Oculus Quest 2 Could Be the Tipping Point for VR Mass Adoption

The Oculus Quest 2 is now available, and it's an improvement over the original in every way that matters. And yet, it's $100 less expensive than the last release. Having spent some time with the Quest 2, I believe we might look back on it as the headset that finally made VR accessible to mainstream consumers.

Asteroid Bennu Might Be Hollow and Doomed to Crumble
Asteroid Bennu Might Be Hollow and Doomed to Crumble

A new analysis from the University of Colorado Boulder’s OSIRIS-REx team suggests the Bennu is much less stable than expected. In fact, it could completely go to pieces in the coming eons.

What Does It Mean for the PC Market If Apple Makes the Fastest CPU?
What Does It Mean for the PC Market If Apple Makes the Fastest CPU?

Apple's M1 SoC could have a profound impact on the PC market. After 25 years, x86 may no longer be the highest-performing CPU architecture you can practically buy.

Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs
Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs

Intel, AMD, and Qualcomm are working to make Pluton part of their upcoming designs, which should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.