Imagine this You leave your computer for a moment with your browser open, and when you return, Google Chrome has stopped working in kiosk mode To make matters worse, the [Esc] and [F11] keys on my keyboard no longer work

Unfortunately, this is a real situation thanks to a malware campaign designed to steal Google passwords and other credentials

As reported by BleepingComputer, the malware used in this new campaign is designed to frustrate users into entering their Google password to unlock their computers in order to get their browsers out of kiosk mode The malware is designed to frustrate users into entering their Google passwords to unlock their computers in order to unlock the browser from kiosk mode But in doing so, they not only give the hackers behind this campaign your Google credentials, they may end up controlling the rest of your online accounts if you have other passwords stored in your browser

Here is everything you need to know about this new malware campaign, including how to disable your browser from kiosk mode in a secure way and what you can do to protect your computer from hackers

According to a new report by the OALABS researchers who discovered this new attack method, it has been used by hackers since August of this year This and similar attacks rely on the Amadey malware loader, information theft tool, and system reconnaissance tool, which were first deployed in 2018

Like other malware strains, Amadey is spread through malicious attachments, malicious ads, pirated software, and malicious files; although OALABS does not mention in its report the exact infection chain used in this new attack, these could be used by hackers to force browsers into kiosk mode

For those unfamiliar with kiosk mode, it is a special setting used by both browsers and apps that runs in full-screen mode to limit user interaction If you go to your local electronics store, you will often see devices in kiosk mode

In this attack, hackers are exploiting Chrome's kiosk mode to limit what someone can do on their computer The attack is that if someone is very frustrated, they may just give in and enter their credentials without thinking through the situation first

When someone enters their Google account password, it is immediately stolen by the StealC malware and relayed back to the hackers behind this campaign You may then be able to change your password immediately, but it is unlikely that the hackers will give you enough time to do so Instead, they have control over your Google account and the passwords you have stored in Google Password Manager

So what should you do if you leave your PC and return to Google Chrome in kiosk mode? First of all, don't panic This is exactly what the hackers behind this campaign want you to do You may not be able to use the Esc and F11 keys on your keyboard, but you can still use Alt + F4 (to close apps), Ctrl + Shift + Esc (to open Task Manager), Ctrl + Alt + Delete (to close apps or restart your computer), Alt + Tab ( Switch Apps), and other keyboard shortcuts for switching and closing apps should be tried

The above keyboard shortcuts can be used to bring the desktop to the foreground, cycle through open apps, or bring up the Task Manager to finish tasks necessary to run the browser

If nothing you do here works, on one of the best Windows laptops, you can hold down the power button until the computer shuts down completely You can then press the F8 key when you start the computer and select Safe Mode This limited version of Windows can run a complete malware scan to find and then permanently remove the Amaday and StealC malware

You should consider using the best antivirus software to protect your PC from malware threats in the future Microsoft's Windows Defender certainly does its job, but paid antivirus software often comes with useful options to keep you safer online, such as VPNs and password managers

As people become smarter about the tricks hackers use, hackers will have to come up with new ones to hook unsuspecting users into their attacks This new campaign is just the latest example But if you are careful online, install updates as soon as they become available, and avoid downloading attachments or clicking on links from unknown senders, you should be fine