Hackers Use CypherLoc Kit to Push Fake Microsoft Support Scams

Barracuda Research describes CypherLoc, a sophisticated browser‑lock scareware kit delivered via phishing that executes an encrypted, hash‑gated payload inside the browser, replaces the page at runtime, and uses aggressive UI controls and psychological tactics to force victims to call fraudulent support numbers. The report highlights advanced evasion (sandbox/hash gating, developer‑tools disruption), user‑focused pressure techniques (audio, IP display, fake login forms), estimated scale (≈2.8M attacks in early 2026), and recommends anti‑phishing, browser/endpoint protections, and user education.