University Crest

[wlug] Google Fixes Chrome 'Evil Cursor' Bug Abused by Tech Support Scam Sites

wlug archive index About the wlug list Mailing lists home
To The University of Waikato HomepageWaikato Home > Waikato Mailing Lists > wlug Info > wlug archives
Peter Reutemann fracpete@w...
Tue Mar 26 12:15:43 NZDT 2019

'Google has patched a Chrome bug that was being abused in the wild by
tech support scammers to create artificial mouse cursors and lock
users inside browser pages by preventing them from closing and leaving
browser tabs. From a report:

The trick was first spotted in September 2018 by Malwarebytes analyst
Jerome Segura. Called an "evil cursor," it relied on using a custom
image to replace the operating system's standard mouse cursor graphic.
A criminal group that Malwarebytes called Partnerstroka operated by
switching the standard OS 32-by-32 pixels mouse cursor with one of 128
or 256 pixels in size. A normal cursor would still appear on screen,
but in the corner of a bigger transparent bounding box. [...] The
"evil cursor" fix is currently live for Google Canary users, and is
scheduled to land in the Chrome 75 stable branch, to be released later
this spring.'

-- source:

Cheers, Peter
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174

More information about the wlug mailing list
NOTICE: This is an archive of a public mailing list. The University of Waikato is not responsible for its contents.

The University of Waikato - Te Whare Wananga o Waikato