0E800 Security firm NeoSmart Technologies recently identified the malicious campaign while browsing an unnamed WordPress website that had allegedly already been compromised, possibly due to failing to apply timely security updates. The scam is not a new one to identified by NeoSmart. It has been making rounds since last month. The hackers are inserting JavaScript into poorly secured, but legitimate websites to modify the text rendering on them, which causes the sites to look all jumbled with mis-encoded text containing symbols and other random characters. So if Chrome users come across such websites from a search engine result or social media site, the script makes the website unreadable and prompts them to fix the issue by updating their 'Chrome font pack.' The prompt window says: "The 'HoeflerText' font wasn't found," and you're then asked to update the "Chrome Font Pack." If clicked, it actually installs a malware trojan on your machine. Read more here: http://thehackernews.com/2017/02/HoeflerText-font-chrome.html
datitisev I remember seen this in the daily WebDesignerNews email. Nice of you to communicate with the Flarum community ?
