Tech support scammers use old bug to freeze browsers

Tech support scammers are exploiting a bug that maxes out users’ CPU and memory capability and effectively freezes the browser and possibly the computer, in an attempt to convince users that they have been hit with malware.

According to Malwarebytes’ Jérôme Segura, the bug in question was identified in 2014 and it affects Chrome, Firefox and Safari. It is still unfixed, and is now used for social engineering purposes.

It can be triggered by simply adding a few lines of code to a website that the victims will be tricked into visiting or will be redirected to by a malicious ad.

The bug results in the browser freezing (but not crashing), with the above message shown.

Users who know better will try to open the Windows Task Manager or a similar tool and kill the browser process, but if the computer is not powerful enough to open another software while all this is going on, they will have to reboot the system to get their computer back in working order.

Unfortunately, impressionable and less tech-savvy users will be scared, and many will likely call the offered number. The number, of course, does not lead to a reputable tech support service – it is manned by the scammers, who will try to convince the victims to pay for a computer cleaning service or (fake) software.

The website (perfecthosting[.]co/alert/) hosting the bug-triggering exploit and the fake alert is already being flagged as deceptive by Google Safe Browsing, but you can be sure that similar ones are already out there.

According to commenters, the same warning has already been translated to target French-speaking users, and the scammers are impersonating tech support service company Eureka24.