Browlock flies under the radar with complete obfuscation | Advanced Mobile Spy Software
Browlocks are the main driving force behind tech support scams, using a combination of malvertising and clever browser locker tricks to fool users. In fact, the effects can be so convincing that people call the rogue Microsoft support number for help because they believe their computer has been hijacked. Crooks are constantly trying out new tricks to defeat modern browsers and evade detection. Recently we've seen the "evil cursor" that prevents you from closing the fake alert, and the fake virus download that insinuates your computer is already infected. This time, we look at how browser locker pages use encoding to bypass signature-based detection. Encoding and other obfuscation types The use of Base64 or hex encoding to hide malicious scripts is as old as the moon. Malware authors have been relying on those to make identification of malicious code much more difficult for both human eyes and scanners. Tech support scammers have been no stranger to leveraging obfuscation within their