Posted on the Malwarebytes blog over a week ago, but I’ve been out of office. Still, this is definitely worth reading.
Jérôme Segura for Malwarebytes: Browlock flies under the radar with complete obfuscation – “Browlocks are the main driving force behind tech support scams, using a combination of malvertising and clever browser locker tricks to fool users. [….] Recently we’ve seen the “evil cursor” that prevents you from closing the fake alert, and the fake virus download that insinuates your computer is already infected. This time, we look at how browser locker pages use encoding to bypass signature-based detection.”