Date:04/07/18
Earlier this year, a bug in Google Chrome was a rejoice for tech support scammers who could freeze people’s browser using the infamous download bomb trick.
It involves making thousands of downloads from a single booby-trapped web page. Ultimately, the targeted user has to call the given tech support number to get things right.
The security firm Malwarebytes spotted the bug. Later, a fix was issued by Google in Chrome 65.
But it seems the bug has returned to annoy the users of Chrome 67. Last month, some users reported its comeback by commenting in the original bug tracker.
“This is broken again in 67.0.3396.87. Stumbled upon this issue by a malicious redirect to a scam site that froze my browser, and repro.html on this bug causes it too.” – a user wrote in the comments (issue 809775).
The list isn’t just limited to Chrome. It can be reproduced in Firefox, Brave, Opera, and Vivaldi. However, Edge and Internet Explorer aren’t affected.
When you run the proof-of-concept in an affected browser, you’ll see that the RAM and CPU usage escalates quickly. Ultimately, it freezes your browser. In the Task Manager, you can kill the browser process to make the web browser normal again.
As per the comments, no further Chrome 67 updates are planned, so a fix should be expected in Chrome 68 which is due to release later this month, possibly on July 29. Also, a new issue (860045) has been created to keep eye on the progress.
Google Chrome’s “Download Bomb” Attack Is Back, Also Affects Firefox, Opera, Brave
Earlier this year, a bug in Google Chrome was a rejoice for tech support scammers who could freeze people’s browser using the infamous download bomb trick.It involves making thousands of downloads from a single booby-trapped web page. Ultimately, the targeted user has to call the given tech support number to get things right.
The security firm Malwarebytes spotted the bug. Later, a fix was issued by Google in Chrome 65.
But it seems the bug has returned to annoy the users of Chrome 67. Last month, some users reported its comeback by commenting in the original bug tracker.
“This is broken again in 67.0.3396.87. Stumbled upon this issue by a malicious redirect to a scam site that froze my browser, and repro.html on this bug causes it too.” – a user wrote in the comments (issue 809775).
The list isn’t just limited to Chrome. It can be reproduced in Firefox, Brave, Opera, and Vivaldi. However, Edge and Internet Explorer aren’t affected.
When you run the proof-of-concept in an affected browser, you’ll see that the RAM and CPU usage escalates quickly. Ultimately, it freezes your browser. In the Task Manager, you can kill the browser process to make the web browser normal again.
As per the comments, no further Chrome 67 updates are planned, so a fix should be expected in Chrome 68 which is due to release later this month, possibly on July 29. Also, a new issue (860045) has been created to keep eye on the progress.
Views: 294
©ictnews.az. All rights reserved.
Similar news
- Azerbaijani project to monitor disease via mobile phones
- Innovative educational system to be improved under presidential decree
- NTRC prolongs license of two TV and radio organizations for 6 years
- Azerbaijan establishes e-registry for medicines
- Azerbaijani museum introduces e-guide
- Nar Mobile opens “Nar Dunyasi” sales and service center in Siyazan city
- International conference on custom electronic services held in Baku
- OIC secretary general to attend COMSTECH meeting in Baku
- Azerbaijan develops earthquake warning system
- New law to regulate transition to digital broadcasting in Azerbaijan
- Azerbaijani State Social Protection Fund introduces electronic digital signature
- Intellectual traffic management system in Baku to be commissioned in December
- Tax Ministry of Azerbaijan started receiving video-addresses
- World Bank recommends Azerbaijan to speed up e-service introduction in real estate
- Azerbaijan to shift to electronic registration of real estate
