Slashdot Mirror

← Back to Stories (view on slashdot.org)

Scammers Use Download Bombs To Freeze Chrome Browsers on Shady Sites (bleepingcomputer.com)

Posted by msmash on from the security-woes dept.

An anonymous reader shares a report: The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees. The trick relies on using JavaScript code loaded on these malicious pages to initiate thousands of file download operations that quickly take up the user's memory resources, freezing Chrome on the scammer's site. The trick is meant to drive panicked users into calling one of the tech support phone numbers shown on the screen. According to Jerome Segura -- Malwarebytes leading expert in tech support scam operations, malvertising, and exploit kits -- this new trick utilizes the JavaScript Blob method and the window.navigator.msSaveOrOpenBlob function to achieve the "download bomb" that freezes Chrome.

6 of 72 comments (clear)

  1. Re:Who's to blame? by AvitarX · · Score: 2

    On Apple it causes a hang warning with an option to force close, doing so kills only the tab in question.

    --
    Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
  2. Re:Javascript in the browser *is* the malware by Anonymous Coward · · Score: 3, Insightful

    Says someone weeks after Meltdown was demonstrated... running as Javascript in a browser.

    Way to go!.

  3. This should be say to fix on the client side by mark-t · · Score: 2

    When a download is initiated by javascript, the browser should pop up a simple dialogue (non modal, but otherwise an "on top" window so they can continue to otherwise use the browser) to confirm the download with a yes/no. Permit only one of these dialogue windows at a time. Other threads wanting to pop up the dialogue can be suspended until the current dialogue is dismissed Threads requesting a download can be handled on a first come first serve.basis.

    --
    File under 'M' for 'Manic ranting'
  4. Re:msSaveOrOpen on Chrome? by TFlan91 · · Score: 4, Informative

    I was coming here to say just this.

    Only in IE do you use navigator.msSaveOrOpenBlob

    In Chrome / FF / Safari, you use FileReader.

    So this sentence:

    "this new trick utilizes the JavaScript Blob method and the window.navigator.msSaveOrOpenBlob function to achieve the "download bomb" that freezes Chrome"

    Straight PR move to cast shade on Chrome

  5. window.navigator.msSaveOrOpenBlob by zifn4b · · Score: 4, Insightful

    Only works on Microsoft browsers. I don't see a problem here.

    --
    We'll make great pets
    1. Re:window.navigator.msSaveOrOpenBlob by thegarbz · · Score: 3, Interesting

      Only works on Microsoft browsers. I don't see a problem here.

      And yet the screenshot shows it running on Chrome. I have no doubt that Microsoft is at fault or that Microsoft browsers are affected, but clearly it seems to work on Chrome just fine.