Malwarebytes Researcher Jerome Segura reported on a new Tech Support scam that uses a known HTML5 bug to freeze the system and trick people to call a fake support number. Note, it does not crash the system, it just takes all CPU and almost all memory resources. See the Task Manager stats top right.
The machine gets infected through a compromised ad network with lets a malicious actor push a malicious code snippet instead of a regular ad. The victim just sees a page that looks like a Microsoft website and no matter how many times you try to close the annoying popup, it simply won’t go away. All of this is done by using a few lines of code:
Depending on your computer’s specifications you may or may not be able to launch Task Manager to kill the browser process. Otherwise your system will be brought to its knees and a hard reboot may be the only option left. Whatever you do, please do not call the phone number for support because it is not Microsoft’s but rather a group of scammers waiting to rob you of hundreds of dollars under false pretenses.
Malwarebytes reported this particular scam to the Google Safebrowsing team even though the bug existed before, because the fact it is used in the wild to trick people makes it more urgent to be looked at and fixed.
