😯 "You're ONLY using your Google acct today" says this malware. 🗝️


Hackers are now using a new tactic to steal Google account passwords.

This tactic, called credential flushing, relies on getting malware onto a device that locks the system into “kiosk mode.”

In this mode, users are prevented from doing anything else without providing their account credentials.

Once hackers intercept the information, they can access the victim's Google account and steal personal data.

Think of all the receipts, invoices, credit card and bank statements that are tucked in Gmail folders…

They get to see all of that!

Like the technique used in the past, prompt bombing, this method also relies on user-frustration.

Once the malware, StealC, makes its way onto the device, it locks into full-screen mode with the only screen the user is able to access being the Google account login screen.

The user has only one-way out: Enter their login and password.

Prompt bombing is a tactic designed to wear you out.

They overwhelm the victim with multiple 2FA (two-factor authentication) prompts and repeated notifications, leading them to accidentally approve the login attempt.

The method also capitalizes on user frustration and fatigue.

Simply, you just get tired of seeing those prompts.

As a result, many people mistakenly assume that their device is malfunctioning or that something is wrong with the system.

In a desperate attempt to stop the notifications, users might unwittingly click "Approve," thereby granting attackers instant access to their Google accounts. 😯

To avoid falling victim to these techniques, users can take several precautionary measures:

  • Stay Calm: If you get locked into kiosk mode or receive a barrage of 2FA prompts, do not enter credentials or approve any requests, especially if you weren’t actively trying to log in. This could be a sign of an ongoing attack.
  • Change Your Password: If you suspect an attacker is targeting your account, change your password immediately. Go into your account on another device and go directly to the account without using a link. Make sure to use a strong, unique password for every account, and avoid reusing passwords across services.
  • Enable Stronger 2FA Options: Use more secure forms of two-factor authentication, such as hardware security keys, when possible. However, using some form of 2FA is always better than using none.
  • Review Devices Logged into Your Account: Regularly check your account for any unfamiliar devices that may have logged in, and revoke access if needed. You can find this information in your browser settings.
  • Never use your Google, or any other account credentials as your login for some other account. It might be a little more cumbersome to use separate ones for everything, but remember if one account is compromised, the others with the same credentials are at risk too.
  • Look out for phishing. Receiving unexpected links or attachments is a good sign of phishing and a good way to get malware on your device. Watch for typos, grammar mistakes, and blurry graphics too. And if you don’t know the sender, don’t click anything.

Need to get out of “kiosk” mode? Well, you can try hotkey combos of Alt + F4, Ctrl + Shift + Esc, Ctrl + Alt +Delete, and Alt +Tab on Windows devices, which could enable you to get to your desktop and launch the Task Manager.

This may allow you to kill the browser.

If not, there’s always the “Hail Mary” method; You can shut the machine down completely and restart it. However, you’ll need to reboot into safe mode to do a full system scan to ensure you’re not just restarting the malware.

If you need more help, consult with a technical support professional or someone you trust.

And of course, always keep anti-virus software on all of your devices and keep it updated. While it won’t catch all of the malware, it will certainly catch a lot of it.


Stay safe,

Your Dicar Networks Team


I hope these cybersecurity messages help you avoid losing of time or money.

Some of our readers have told us they can rest easy, when it comes to malware and scams, because they've subscribed to our continuous network vulnerability assessment.

What does it cost to relax, knowing you're under constant watch?

For $80/mo, we handle everything to keep your network secure.

Call (408) 850-6400 or hit reply and say, "Assess My Network."
(Tell me you came across our email)

Every business is different. We give Tailored IT Solutions so you never have to experience overpaying for tech-bloat.

We specialize in helping small businesses like yours thrive with technology that’s just right for you. Here’s how we can support your growth:

  1. Strategic IT Insights – Uncover productivity and growth opportunities with our Business IT Diagnostic Worksheet and Project Planning.
  2. Custom Managed IT Services – Gain peace of mind with IT solutions tailored to your specific requirements and budget.
  3. Next-Gen AI-Driven Security – Protect your business with AI-enhanced, cloud-based physical security, including smart cameras, access control, and environmental monitoring.

Ready to secure and streamline your business? Let's connect today and start building your path forward.

Dicar Networks Offices are located in Morgan Hill, and San Jose, California!

Corporate Office
295 E Dunne Ave #120
Morgan Hill, CA 95037
(408) 850-6400
sales@dicarnetworks.com