Google Finally Addresses The Troublesome ‘Evil Cursor’ Bug In Their Chrome Browser

Google Chrome has rolled-out a patch for a critical bug that caused repeated issues for some users Allegedly, Google have finally fixed the infamous evil cursor flaw in the Chrome browser that was under active exploit in the wild.

About The Evil Cursor Flaw

The infamous evil cursor flaw first surfaced online in 2010. However, at that time, the design flaw could not be established as a security bug. Hence, it eventually remained unaddressed.

Nonetheless, criminal hackers didn’t miss the chance to exploit this bug for malicious purposes. Thus, there rose a flurry of tech support scams exploiting “evil cursor” together with “browlock” technique. In September 2018, a researcher from Malwarebytes unveiled a hacking strategy by scam group “Partnerstroka”, employing these two techniques together to hijack Chrome browsers.

They revealed that the hackers used to direct users towards fake tech support browser-lock pages. They did so by hijacking the victim’s mouse cursor using the evil cursor technique.

Google Patched The Bug

Upon discovering the scam, Malwarebytes Labs reported the matter to Google. However, it took them a while to figure out a solution to protect the users from falling prey to tech support scams exploiting evil cursor.

Nonetheless, as disclosed in a recent bug report, Google engineers have now devised a way to tackle the evil cursor bug. This involves resizing the mouse cursor the moment the mouse leaves the web content. That is, once the user hovers the mouse from the page content to the Chrome browser interface, the browser will revert the cursor to the standard graphics of the operating system. In this way, it enables anyone accidentally landing on a malicious tech support scam page to leave the site.

The fix is presently not available though. The developers will roll-out the fix first for the Canary users in the upcoming version. After that, Google may release the fix for Chrome browser – most likely within Chrome 75, coming this spring.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients