Amadey-ville: new malware tricks you into giving up your Google creds

Estimated reading time: 3 minutes

When it comes to online security, how confident are you and your team? You likely know the basics—avoid phishing scams, suspicious downloads, and unknown links. But even the most cyber-aware teams need to stay alert: new, advanced malware tactics are emerging with the intent to outsmart even seasoned professionals.

A new malware variant, tied to a larger threat called Amadey is making waves across cybersecurity circles. This sneaky software doesn’t just attempt to capture clicks or download dangerous files; instead, it manipulates your entire screen, blocking access to crucial navigation tools in a clever attempt to hijack your Google login credentials.

Amadey: A Deceptive Full-Screen Trap

Once this malware infiltrates your system, it triggers “kiosk mode”—a restrictive setting usually found on public-access computers that allows only one active window. Kiosk mode, as the name implies hides essential browser elements like your address bar and navigation buttons. The malware then redirects you to a fake, full-screen Google password reset page.

Now normally you’d think to hit Esc or F11 to escape full-screen mode, right? But here’s where the malware’s trickery intensifies: these shortcuts are disabled. The intention is clear—Amadey wants you to believe the only solution is to enter your Google credentials to “resolve” the issue. However, once you enter your details on this counterfeit page, a secondary malware lurking in the background captures your data and delivers it directly to cybercriminals. Yikes!

Escape Tactics: How to Regain Control Without Compromising Security

Faced with a locked screen? Try these simple but effective methods to reclaim control without entering any personal details:

  • Press ALT+TAB to switch to a different application.
  • Use ALT+F4 to close the active window.
  • Open Task Manager (CTRL+ALT+DELETE) to force-close the browser.
  • If these don’t work, restart your device manually by holding down the power button.

And of course, once you regain control, take proactive steps to scan and remove any malware.

Prevention is Key: Strengthening Your Team’s Security Mindset

As powerful as recovery tactics are, prevention remains your best defense. Encourage your team to be cautious if their browser unexpectedly enters full-screen mode or if they encounter unusual prompts, particularly for password resets. Remind your staff to avoid clicking unknown links, downloading suspicious attachments, or entering credentials on sites that don’t look authentic.

Ready to take your team’s cybersecurity knowledge to the next level? At Leap Cloud Solutions, we’re here to empower you with cutting-edge security insights and hands-on training to tackle threats like these head-on. Get in touch today and ensure your team stays one step ahead of the latest cybersecurity challenges.

Responsive. Proactive. Leap Cloud Solutions.

Why gamble with your IT investment?

“I’m tired of IT systems that are operating poorly. Tired of expensive & limited solutions that don’t scale with the business. Tired of support applying short-term bandaids to long-term problems. I want a solution that scales without any IT hassles. I want technology to be an aid, not a burden. And I want a team of experts I trust to lead the way. I’m ready.”

Well said. Let's make that happen.

“Excellent and fast service! It's quite peaceful to know we can survive a cyber attack now!”

César B.

Cruickshank & Company

“We consider Leap Cloud Solutions a part of our team. They’re very security focused. They’re responsive to our concerns, they’re always anticipating our needs with regards to technology and giving us great suggestions.”

Justin L.

Golbey-Levine Lawyers + Advisors