Browser Attack using Chromium

[panaceajph]

Hi

I just had my browser display a page claiming to be Microsoft and telling me not to close window or reboot computer and that I was using pirated software and have to call Microsoft to unlock my computer etc. - I closed the browser - actually had to "killall chromium-browser" from command line because clicking close buttons didn't work. I've never seen anything like this before and am asking for help in understanding what kind of attack it was and if I'm safe from further attack or if I have some sort of security weakness. Also concerned that passwords saved with browser might have been compromised.

The phone number to call to unlock computer was <phone number removed by moderator> (Never ever even think of calling them.)

this is the address of the attack page (don't go there unless you know what you're doing) <address camouflaged by mod>



First time posting to forums. Neither newbie nor expert, long time Linux user and have been using Linux Mint for several years. I don't appear to have a problem right now, but am looking for some insight on what happened.

Currently using Linux Min 18.1 Cinnamon 64, version 3.4.7 and browser is Version 69.0.3497.81 (Official Build) Built on Ubuntu , running on LinuxMint 18.1 (64-bit)

Thanks for any thoughts you might have.

[karlchen]

Hello, panaceajph.

What you came across was a scam, a faked Microsoft security webpage. Of course the intention was malicious. What precisely we cannot tell.
You did the right thing by klling chromium.
My advice will be:
+ Clear the complete browser cache.
+ Clear the complete browser history.

Whether the fraudulent website may have stolen any of the passwords, which you may haves stored inside the Chromium profile? Hm. I do not think so. Yet, if you want to be on the absolute safe side, you change any account password, which is stored inside the Chromium profile.

Best regards,
Karl

[Pepi]

If you still have the phone number report it to this website ... https://scammerblaster.com/


I called the phone number on my 'scam the scammer' machine and wasted around 30 mins of their time. They were a fake Microsoft Support center that gets on your PC and trashes it and then want money to fix it

[panaceajph]

Thanks for the information, Karl. I'll follow your advice.

Pepi- I tried to report the number, but they didn't make it easy. Will look at it again later.

[Pepi]

Thanks for the information, Karl. I'll follow your advice.

Pepi- I tried to report the number, but they didn't make it easy. Will look at it again later.

I PM you

[Pepi]

Thanks for the information, Karl. I'll follow your advice.

Pepi- I tried to report the number, but they didn't make it easy. Will look at it again later.

He is very BUSY right now trashing out many of these scammer setups. 2 million flood calls since yesterday is what he said. He has been asked for proof and he is supplying proof later this week

[Hoser Rob]

I'vbe seen this sort of thing in Linux before. While Linux may give you freedom from viruses it doesn't make you free from browser based hacks. Perhaps you hadn't updated chromium that day? A few browser extensions can help with this sort of thing, like HTTPS Everywhere, a good ad blocker (uBlock Origin is the best I know of), maybe noscript, but that's too involved for casual use by most.