Summary
Hackers are using malware called StealC in a credential-stealing campaign that forces Chrome users to reveal their Google passwords. The only thing displayed on the browser screen is a login window.
The technique involves launching the victim's browser in kiosk mode and navigating to the login page of the targeted service, usually Google. Once that is done, a bog-standard piece of credential-stealing malware, in this case StealC, is deployed to grab the passwords from the Chrome browser's credential store and deliver them to the attackers.
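A defender-side check for the kiosk-mode launch described above, as an added example that is not part of the original article: it scans process-creation command lines for a browser started with Chrome's `--kiosk` switch against a login host. The executable names, the watched host list and the sample events are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumptions (not from the article): which executables and login hosts to watch.
BROWSERS = {"chrome.exe", "chrome", "google-chrome"}
LOGIN_HOSTS = {"accounts.google.com"}

def tokenize(cmdline):
    """Split a command line into arguments, keeping double-quoted paths whole."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmdline)]

def kiosk_login_target(cmdline):
    """Return the login host if a watched browser is started in kiosk mode on it, else None."""
    argv = tokenize(cmdline)
    if not argv:
        return None
    # Compare on the file name only, so Windows and POSIX paths both work.
    exe = re.split(r"[\\/]", argv[0])[-1].lower()
    if exe not in BROWSERS:
        return None
    if "--kiosk" not in (a.lower() for a in argv[1:]):
        return None
    for arg in argv[1:]:
        if arg.startswith("-"):
            continue  # a switch, not a URL
        url = urlsplit(arg)
        if url.scheme in ("http", "https") and url.hostname in LOGIN_HOSTS:
            return url.hostname
    return None

def flag_events(events):
    """Return (index, host) for every event that matches the kiosk-login pattern."""
    hits = []
    for i, cmdline in enumerate(events):
        host = kiosk_login_target(cmdline)
        if host:
            hits.append((i, host))
    return hits

# Constructed process-creation command lines, not real telemetry.
SAMPLE_EVENTS = [
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk https://accounts.google.com/',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com/',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk https://signage.example.internal/board',
    r'C:\Windows\System32\notepad.exe --kiosk https://accounts.google.com/',
]

if __name__ == "__main__":
    for index, host in flag_events(SAMPLE_EVENTS):
        print(f"event {index}: browser started in kiosk mode on {host}")
```

Legitimate kiosk deployments such as signage usually point at internal hosts, so matching on the login host keeps them out of the results.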
A new variant of the known banking Trojan TrickMo now pretends to be the Google Chrome web browser app for Android. TrickMo also uses an HTML overlay attack, essentially displaying a screen that looks like a genuine login page to capture account credentials.
The TrickMo variant of the Android malware can be killed with a power-button shutdown. Malwarebytes has a free malware scanner that can help with cleaning the system.