
Malware tends to rely on deceptive messages and false advertising to fool users into installing it, and a new piece of malware targeting Chrome uses a unique trick that you'll want to keep an eye out for.

NeoSmart Technologies, via 9to5Google, discovered a malware prompt that appears on Google Chrome for Microsoft Windows users. As NeoSmart staffer Mahmoud Al-Qudsi writes, the malware works by replacing text on a page with gibberish and then prompting the user to download an update to the “Chrome Font Pack.”

“This attack gets a lot of things right that many others fail at. The premise is actually believable: the text doesn’t render, and it says that is caused by a missing font (HoeflerText, which is a real font, by the way!), which it then prompts you to download and install,” Al-Qudsi said. “The usage of a clean, well-formatted dialog to present the message with the correct Chrome logo – and, more importantly, – the correct shade of blue for the update button. The shape of the update button seems correct, and the spelling and grammar are definitely good enough to get a pass.”

Al-Qudsi notes the malware has several tells that indicate it's a fake update. These include incorrect Chrome version descriptions and blurred image text. The biggest hurdle in catching the malware, however, is how relatively new it is: NeoSmart found that neither Windows Defender nor Chrome detected it as a malicious program.

For users, general best practices for malware prevention will apply if you want to avoid a time-consuming cleaning process. When browsing the internet, stay alert for prompts that look unusual or out of place and avoid installing files that popups ask you to download.