Windows Tech Support Hackers Can Lock Up Screen through Firefox

News Windows Hack Firefox Featured2

Everyone knows the pain of a machine or device that won’t work. There aren’t many things that are more maddening. You need to get your work done, are waiting to watch your favorite show on Netflix, or are trying to contact someone, and your machine or device is not cooperating. It’s what leads you many times to just wanting to throw the machine or device out the window.

That’s what makes it even more upsetting when hackers make their way through to tech help. They are taking advantage of the most vulnerable. But this is an old scam that just won’t go away.

It’s been discovered that the tech support scammers are now taking advantage of a Firefox bug fix to lock up the screens of Windows’ users, still operating on the same premise of convincing them they need to call a bogus tech support hotline.

Windows Tech Support Hack for Firefox

The scam takes advantage of an existing fix for a bug that’s been around for a long time that allows scammers to spam users, convincing them they tech help by sending them “authentication required” prompts. If you haven’t fallen for it, you know someone who has or are worried about a less-tech-savvy person who will.

The prompts that are sent to an affected user prevent them from leaving or closing the browser, locking it up. Mozilla issued a fix with Firefox 68 that was intended to handle the situation and prevent an attack.

The fix blocked all “authentication required” prompts, even those that are issued through Mozilla.

Jérôme Segura, the head of Threat Intelligence at Malwarebytes, found that the scammers have found a way to bypass Mozilla’s fix, and this allows them to use Mozilla’s tactics for fixing the scam to actually con victims further.

News Windows Hack Firefox Content

He also found a second browser-lock scam that was reported to Mozilla a couple years ago, yet they still have not fixed it yet. The scam was initially targeted toward Google Chrome but was fixed in Chrome version 67.

With this particular scam, beneath the number for Windows tech support is a series of dire warnings to the user, such as the following:

“Do not ignore this important warning
Please stop and do not close the PC
The registry key of your computer is locked.
Why did we block your computer?
The Windows registry key is illegal.
This Windows desktop is using pirated software.
This Windows desktop sends viruses over the Internet.
This Windows desktop is hacked.
We block this computer for your safety.
Please call us within 5 minutes to prevent your computer from being disabled.”

Avoiding the Scam

Segura has filed a bug report with Mozilla, and developers are working on a fix for the newer bug in a future release of Firefox. There has been no report on whether they will finally fix the older bug.

Unfortunately, these scams are showing it’s only going to continue. As long as there are people who will possibly fall victim to scams, scammers are going to continue to exploit them.

Users need to be diligent and realize Windows and Mozilla are never going to take over their screens and request authentication. But as long as there are people out there who believe it could happen, the scams will survive.

Have you fallen victim to a Windows tech support scam? Tells us about your experiences in a comment below.

5 comments

  1. One more reason to use Linux.

    A few weeks agon I got a phone call from a frinedly scammer telling me my PC was infected. When I asked which one, since we have 5 at home, the scammer was not able to tell me. Must have been a scammer in training.

  2. Windows…’nuff said. It’s amazing the crap people will put up with just because they’re too lazy, too stupid, or a mixture of both to learn something new. Instead they keep paying through the nose for something that keeps giving grief, problems and security nightmares.

    I *literally* went looking for ‘something different’ back in 2000 because I was so sick and tired of Windows. I’d been using it since 3.1. I’d never heard of any other OS’s, or I had ‘seen’ the word ‘UNIX’ but had no idea what it meant or what it was.

    So, I started a internet search for ‘Operating Systems’. Remember, this was when I was still on dial-up, so it was extremely slow going.

    Finally I decided to try some of the ‘Linux’ flavors I was seeing. I had no idea about it, no idea about the differences in them, and didn’t care – they *weren’t* Windows and that’s all I was concerned with.

    I went through three or four different distributions before finally settling on SuSE (now called OpenSuSE). I think it was 6.2 or 6.3. I stopped using SuSE when they turned traitor and buddied up cozy with Microsoft. I’ve been using Slackware since 9.0 or 9.1 if I remember right. Took almost *days* to download each distro I wanted to try and use, lol.

    This is what I tell people who try to sell me on Microslop – If Bill Gates himself showed up to my home with a check for a million dollars to start using M$ again, I’d tear the check up and throw it back in his face and sic my dog on him.

    1. Even though I share your experience and attitude as far individual users go, there millions of users who HAVE TO use Windows because, like it or not, it is the de facto standard. I used that particular O/S for 20+ years in the corporate environment.

      Ironically, much of the target audience for this article will never read it because sites like MakeTechEasier are beyond their scope of interest. So the Windows Tech Support scam will continue to claim victims.. Most people accessing tech web sites are intelligent enough (I hope) to recognize a scam.

  3. I have been using Linux since 2003 and although it was a true nightmare at times (Dependency Hell anyone?) I overcame the issues and toughed it out, and now?…i will NEVER use another OS. Period. And I know that MS is trying to get all warm & fuzzy with Open Source and to be “friends” in the Linux-sphere, but my problem is this: While I’m sure MS may (or may not?) have “our” (“our” being the Open Source community) best interests at heart when giving us access to their apps, I just see it as being “Too-Little-Too-Late” when we NEEDED audio drivers and graphics drivers, they were not forthcoming, and so the developers in the FOSS community wrote their own, that same could be said for internet Web browsers, office suites, music players, video players, you name it?….they developed it! And unlike most or until recently “all” of Microsoft’s products, these products were not only free to use, but they were open source and free to modify, and you could “peer” into its insides and see how it worked. And now, Microsoft is trying to buddy-up with Linux but their OS is still garbage. I’m not worried about Firefox on my pc’s,….since they all run a version of Linux and I make sure to put certain practices into ply to keep my systems secure. I had to laugh though…at DragonMouth’s story about the tech support phone call. I know some people might not have been so easy on them and would have had them go through maybe 4 hours of trying to get somewhere with the person! LoL!

    1. M$ does not do a project without making sure it has a positive effect on the bottom line. M$ may be many things but altruistic is not one of them.

      “I had to laugh though…at DragonMouth’s story about the tech support phone call.”
      I value my time too much to spend hours yanking the chain of some scammer.

Leave a Comment

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.