A recent generalised malware attack targets users of Chrome, Firefox, Edge, and Yandex

Attackers insert their own advertisements into search results alongside the legitimate ones.
The Microsoft Defender Research Team has identified a new malware campaign that targets the most popular web browsers to generate ad revenue for malicious actors. While it may seem harmless to the user, the malware’s sophisticated behavior indicates it could be used to gain deeper access to the data on your Windows device.

Microsoft issued a warning this week of a widespread malware campaign that consists of hijacking the most popular web browsers on tens of thousands of devices every day. Attackers are able to make silent changes to users’ computers to inject ads in search results and extract a significant amount of revenue.

Collectively, this family of browser exploits is called “Adrozek” and was first observed in May.

The attackers are using over a hundred domain names hosting an average of 17,300 URLs. Microsoft researchers say they’ve found more than 15,300 unique malware samples. In just five months, they recorded hundreds of thousands of detections of Adrozek across the globe, particularly in Europe, South Asia, and Southeast Asia.

The methods used by the attackers aren’t new, but they’ve become more sophisticated as of late and now they can affect multiple browsers at the same time, including Google Chrome, Microsoft Edge, Mozilla Firefox, and the Yandex Browser. Adrozek operates first by adding browser extensions and modifying specific DLL files of your browser, so that attackers can gain the privileges to change settings. This allows them to insert additional ads on top of legitimate ones into web pages you visit.

Adrozek is particularly effective on search engines like Google where attackers are able to target users based on the keywords they search for. As seen on the image above, a user will typically see search results populated by several affiliate links at the top. The more people that click on these links, the more money the attackers make since they get paid by the amount of traffic they can bring to those sponsored pages.

Microsoft explains that Adrozek could easily be used to do more damage to the target PCs by injecting additional malicious payloads and exfiltrating your website credentials. The whole infrastructure that enables the campaign dynamically changes over time, while the domains themselves are improved to look more legitimate.

If you notice the above behavior on your system, one proposed solution is to simply reinstall the browsers you use and learn more about how to prevent malware infections like this one.
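
Because the campaign works by adding browser extensions, one check before or after reinstalling is to list installed extensions that are allowed to run script on every page, search results included. The following is an added example, not code from Microsoft or from this article; it assumes the Chromium-style profile layout `Extensions/<id>/<version>/manifest.json` (Firefox stores extensions differently), and the extension IDs, names and allowlist are constructed.

```python
import json
import tempfile
from pathlib import Path

# Host patterns that let an extension script every page, search results included.
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def injection_scope(manifest):
    """Broad host patterns a manifest can inject content into."""
    patterns = set(manifest.get("host_permissions", []))          # Manifest V3
    patterns.update(p for p in manifest.get("permissions", [])    # V2 lists hosts here
                    if isinstance(p, str))
    for script in manifest.get("content_scripts", []):
        patterns.update(script.get("matches", []))
    return sorted(patterns & BROAD)

def audit_extensions(extensions_dir, allowlist=frozenset()):
    """Walk <profile>/Extensions/<id>/<version>/manifest.json and report every
    extension outside the allowlist that can script all pages."""
    findings = []
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        ext_id = path.parent.parent.name
        if ext_id in allowlist:
            continue
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
            if not isinstance(manifest, dict):
                raise ValueError("manifest is not a JSON object")
        except (OSError, ValueError):
            findings.append((ext_id, None, ["unreadable manifest"]))
            continue
        scope = injection_scope(manifest)
        if scope:
            findings.append((ext_id, manifest.get("name"), scope))
    return findings

def demo():
    """Run the audit over a constructed profile (all IDs and names are made up)."""
    samples = {
        "aaaaexampleapproved": {"name": "Approved blocker", "permissions": ["<all_urls>"]},
        "bbbbexampleunknown": {"name": "Unknown helper",
                               "content_scripts": [{"matches": ["*://*/*"], "js": ["c.js"]}]},
        "ccccexamplenarrow": {"name": "Narrow tool", "host_permissions": ["https://example.com/*"]},
    }
    with tempfile.TemporaryDirectory() as root:
        for ext_id, manifest in samples.items():
            version_dir = Path(root, ext_id, "1.0_0")
            version_dir.mkdir(parents=True)
            (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
        return audit_extensions(root, allowlist={"aaaaexampleapproved"})
```

A finding is only a prompt to review that extension; many legitimate extensions also request access to all pages, which is why the allowlist of IDs you installed yourself matters.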
