One poor student got more than they bargained for when they did some web surfing on a library computer.  An innocent click  on a search result produced this alarming notification.

 

The freaked out student asked library staff for help and IT Services was contacted. Once the technician arrived, he realized the computer was a victim of a Chrome browser takeover.  In a Chrome browser takeover, it looks like the computer itself has been compromised as the normal Window controls are missing and the only way to get rid of the alerts appears to be by calling the toll free number.

 

 

In reality, the computer is just fine and it is only the Chrome browser that has been hijacked. Since Microsoft does not monitor computers for malicious software, nor do they block access to your computer, the technician knew what type of attack he was dealing with.  To regain access to the computer, he did the following:

1. Pressed CTRL + ALT + DELETE to view the Task Manager
2. Clicked on Google Chrome in the Apps list
3. Clicked the End task button

This closed down Chrome and returned the computer to normal. Both the student and the library staff were releived that no harm had been done. So was the technician who congratulated them both on contacting the IT Service Desk rather than trying to resolve the issue on their own.

Unfortuately there is no way this attack could have been prevented. The website that iniated the attack was a legitimate site that had been compromised. There was no way to know that before the link was clicked as that site had been visited many times before without issue.

Remember, if you see an alert appear on your computer insisting that you call a phone number to fix it, it is a scam. Close the browser window and don’t visit that website again. If the Window controls are missing, shut down the browser using the task manager. No legitimate anti-virus software will ask you to call them.