Google Finally Addresses The Troublesome ‘Evil Cursor’ Bug In Their Chrome Browser

  • 158
  •  
  •  
  • 1
  •  
  •  
  •  
    159
    Shares

Google Chrome has rolled-out a patch for a critical bug that caused repeated issues for some users Allegedly, Google have finally fixed the infamous evil cursor flaw in the Chrome browser that was under active exploit in the wild.

About The Evil Cursor Flaw

The infamous evil cursor flaw first surfaced online in 2010. However, at that time, the design flaw could not be established as a security bug. Hence, it eventually remained unaddressed.

Nonetheless, criminal hackers didn’t miss the chance to exploit this bug for malicious purposes. Thus, there rose a flurry of tech support scams exploiting “evil cursor” together with “browlock” technique. In September 2018, a researcher from Malwarebytes unveiled a hacking strategy by scam group “Partnerstroka”, employing these two techniques together to hijack Chrome browsers.

They revealed that the hackers used to direct users towards fake tech support browser-lock pages. They did so by hijacking the victim’s mouse cursor using the evil cursor technique.

browlock custom cursor

Google Patched The Bug

Upon discovering the scam, Malwarebytes Labs reported the matter to Google. However, it took them a while to figure out a solution to protect the users from falling prey to tech support scams exploiting evil cursor.

Nonetheless, as disclosed in a recent bug report, Google engineers have now devised a way to tackle the evil cursor bug. This involves resizing the mouse cursor the moment the mouse leaves the web content. That is, once the user hovers the mouse from the page content to the Chrome browser interface, the browser will revert the cursor to the standard graphics of the operating system. In this way, it enables anyone accidentally landing on a malicious tech support scam page to leave the site.

The fix is presently not available though. The developers will roll-out the fix first for the Canary users in the upcoming version. After that, Google may release the fix for Chrome browser – most likely within Chrome 75, coming this spring.

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!