Have you heard of the so-called “download bomb” bug which occurs when hundreds or even thousands of downloads are initiated? The result of this technique is that the affected browser stops functioning properly as it typically freezes on a specific page.
This bug was observed last winter to affect Google Chrome when tech support scammers used it to trap users on their dubious pages. The download bomb bug is back once again with the release of Google Chrome 67, but this time researchers found that it affects other browsers as well, such as Firefox, Vivaldi, Brave and Opera.
More about the Download Bomb Bug
This technique requires the initiation of countless downloads with the purpose to freeze the browser on a certain page. This page is usually crafted by tech support scammers. There have been different variations of download bombs but the end goal is usually the same – trapping the user on the scammers’ page.
In one case, scammers deployed the JavaScript Blob method together with the window.navigator.msSaveOrOpenBlob function to trigger thousands of downloads in a loop, freezing Chrome on tech support pages. This particular download bomb bug was fixed by Google with the release of Chrome 65.0.3325.70. Unfortunately, the problem is back in Chrome 67.0.3396.87, as is evident from new comments in the official bug report.
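As an added illustration (not code from the article, the bug report or any browser vendor), here is a hypothetical sliding-window guard that a browser or extension could apply to download initiations, exercised against a constructed simulation of the burst pattern described above: thousands of downloads from one page within a fraction of a second, versus a handful spread over seconds.

```javascript
// Hypothetical download-bomb guard (added example, not from the article).
// It counts download initiations per origin in a sliding time window and
// suppresses anything beyond a small budget; an origin that hits the limit
// is flagged as a download-bomb suspect.
class DownloadGuard {
  constructor(windowMs = 1000, maxPerWindow = 10) {
    this.windowMs = windowMs;         // look-back window in ms
    this.maxPerWindow = maxPerWindow; // downloads allowed per window
    this.byOrigin = new Map();        // origin -> recent timestamps (ms)
    this.blocked = new Map();         // origin -> count of suppressed downloads
  }

  // Decide whether a download started by `origin` at time `now` (ms) may
  // proceed. Returns true to allow, false to suppress.
  allow(origin, now) {
    const recent = (this.byOrigin.get(origin) || []).filter(
      (t) => now - t < this.windowMs
    );
    if (recent.length >= this.maxPerWindow) {
      this.blocked.set(origin, (this.blocked.get(origin) || 0) + 1);
      this.byOrigin.set(origin, recent);
      return false;
    }
    recent.push(now);
    this.byOrigin.set(origin, recent);
    return true;
  }

  // Any origin that has had downloads suppressed is a suspect.
  isSuspect(origin) {
    return (this.blocked.get(origin) || 0) > 0;
  }
}

// Constructed simulation: one page fires 2000 downloads within 200 ms (the
// bomb pattern); another starts 3 downloads spaced 2 s apart (ordinary use).
function simulate() {
  const guard = new DownloadGuard();
  let bombAllowed = 0;
  for (let i = 0; i < 2000; i++) {
    if (guard.allow("https://scam.example", i * 0.1)) bombAllowed++;
  }
  let legitAllowed = 0;
  for (let i = 0; i < 3; i++) {
    if (guard.allow("https://docs.example", i * 2000)) legitAllowed++;
  }
  return { bombAllowed, legitAllowed, suspects: [...guard.blocked.keys()] };
}
```

With the defaults, the simulated bomb gets only its first 10 downloads through and the page is flagged, while the ordinary page is untouched.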
According to a user who came across the download bomb in Chrome, “This is broken again in 67.0.3396.87”; he stumbled upon the issue through a malicious redirect to a scam site that froze his browser. The issue has been confirmed by other users as well, and it also appears that the bug affects other browsers, too.
According to security researcher Jérôme Segura, Firefox is also affected. Other tests reveal that Brave and Vivaldi browsers also freeze under this type of download attack.
It shouldn’t be too surprising that this technique has resurfaced and is once again affecting users. Microsoft recently reported that it received 153,000 reports from users who were targeted by tech-support scammers by phone or on the web, as in the case of the download bomb. These reports were up 20% in comparison with 2016, with statistics gathered from 183 countries.
Why are tech-support scams so successful?
One reason that comes to mind is the variety of approaches and techniques scammers use to lure their victims. They often use Microsoft’s name, claiming they are representatives of the tech giant, but other big company names are also leveraged. These scams have one thing in common – to trick the user to visit a specific page and make it nearly impossible to exit it.