Fake Font Dropper

less than 1 minute read

Fake Font Dropper<p>Every day we see different website infections. When we receive unusual or interesting cases, our researcher instincts are triggered to investigate the unusual website behavior in order to understand how new infections work. In this case, the odd behavior was the website’s pop-up window claiming there was a missing font.</p>

The Unwanted Popup Window

A website owner reached out to us to investigate the error displaying on their site. The popup window informed the visitors that they were unable to view the content of the site because their computers were missing a font called “HoeflerText”:

</p>

The malware tries to trick visitors into clicking the “Update” button to download a malicious file called: Font_Update.exe

Earlier this year, we wrote about a wave of WordPress infections involving malicious plugins that inject obfuscated scripts, creating unwanted pop-up/pop-unders which serve unwanted ads.

Continue reading Fake Font Dropper at Sucuri Blog.

</img>

You may also enjoy

Spotlight on Women in Cybersecurity

less than 1 minute read

Sucuri is committed to helping women develop their careers in technology. On International Women’s Day, Sucuri team members share their insights into workin...

Hacked Website Trend Report – 2018

less than 1 minute read

We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / ...

Facebook
Google plus
Pinterest
RSS
Spotlight on Women in Cybersecurity
How to Add SSL & Move WordPress from HTTP to HTTPS
Hacked Website Trend Report – 2018
Fake Browser Updates Push Ransomware and Bank Malware
Google Analytics and Angular in Magento Credit Card Stealing Scripts