PanamaTimes

Friday, Mar 29, 2024

Microsoft Warns 'Adrozek' Malware is Infecting Thousands of PCs to Insert Ads


'We recorded hundreds of thousands of encounters of the Adrozek malware across the globe, with heavy concentration in Europe and in South Asia and Southeast Asia,' Microsoft said.

A new malware strain has been spreading to hundreds of thousands of Windows PCs in an effort to inject unauthorized ads into users’ search results, according to Microsoft.

The company has been tracking "Adrozek," a malware family capable of modifying multiple browsers including Google’s Chrome, Microsoft’s Edge and Mozilla’s Firefox in order to insert the ads into search result pages.

“At its peak in August, the threat was observed on over 30,000 devices every day,” Microsoft warned in a blog post on Thursday.

Inserting the ads into your search results is certainly annoying. But the real threat is how the malware can also steal login credentials from the Firefox browser, and potentially give hackers a launching pad for more damaging crimes.

Adrozek works by modifying a browser’s Dynamic Link Libraries or DLL files to change the settings, including turning off the security safeguards and the automatic updates. The result can place links to ads alongside legitimate ads, as the example below shows.



“The intended effect is for users, searching for certain keywords, to inadvertently click on these malware-inserted ads, which lead to affiliated pages,” Microsoft said. “The attackers earn through affiliate advertising programs, which pay by amount of traffic referred to sponsored affiliated pages.”

To deliver the malware, the hackers have been resorting to drive-by downloads. This can occur when a user clicks on a malicious link or visits a website that’s been tampered with. The PC is then triggered to download the malware, which can sometimes install itself on the computer by exploiting a software vulnerability.

Hence, it’s a good idea to always keep your browser up to date. In other cases, the user will install the malware from a drive-by download, believing it to be a safe program.



In this case, Adrozek will drop an .exe file in the PC’s “temp” folder. The .exe file will then deliver the main malware payload in the “Program Files” folder using a file name such as “Audiolava.exe, QuickAudio.exe, and converter.exe,” Microsoft said.
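The install chain described above can be hunted for in file-creation telemetry by correlating the writer's location with the target's name and folder, since a name like converter.exe alone is too common to alert on. This is an added example, not code from Microsoft or the original article; the event records are constructed, and the `Image` / `TargetFilename` keys are an assumed layout modeled on file-creation events.

```python
import ntpath

# Payload file names the article quotes from Microsoft.
PAYLOAD_NAMES = {"audiolava.exe", "quickaudio.exe", "converter.exe"}

def _parts(path):
    """Lower-cased components of a Windows path."""
    return [p for p in path.lower().replace("/", "\\").split("\\") if p]

def in_temp(path):
    """True if one of the file's parent directories is a 'temp' folder."""
    return "temp" in _parts(path)[:-1]

def in_program_files(path):
    """True if the file sits under a top-level Program Files folder."""
    parts = _parts(path)
    return len(parts) > 2 and parts[1] in ("program files", "program files (x86)")

def hunt(events):
    """Return events where an .exe running from a temp folder writes one of
    the named payload files under Program Files (dropper -> payload step)."""
    hits = []
    for ev in events:
        writer, target = ev["Image"], ev["TargetFilename"]
        name = ntpath.basename(target).lower()
        if (writer.lower().endswith(".exe") and in_temp(writer)
                and in_program_files(target) and name in PAYLOAD_NAMES):
            hits.append(ev)
    return hits

# Constructed sample events (hosts and paths are illustrative only).
SAMPLE_EVENTS = [
    {"Host": "pc-01",
     "Image": r"C:\Users\alice\AppData\Local\Temp\setup_1234.exe",
     "TargetFilename": r"C:\Program Files (x86)\QuickAudio\QuickAudio.exe"},
    {"Host": "pc-02",  # same file name, but written by a system installer
     "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetFilename": r"C:\Program Files\MediaTools\converter.exe"},
    {"Host": "pc-03",  # temp-folder writer, unrelated target
     "Image": r"C:\Users\bob\AppData\Local\Temp\update.exe",
     "TargetFilename": r"C:\Users\bob\Documents\notes.txt"},
    {"Host": "pc-04",
     "Image": r"C:\Windows\Temp\a.exe",
     "TargetFilename": r"C:\Program Files\Audiolava\Audiolava.exe"},
]

if __name__ == "__main__":
    for ev in hunt(SAMPLE_EVENTS):
        print(ev["Host"], ev["TargetFilename"])
```

A hit is a lead for triage rather than a verdict, because legitimate installers also unpack to temp folders before writing to Program Files.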

The company tracked Adrozek’s distribution to 159 unique domains, which hosted tens of thousands of URLs to try and spread the malware.

“In total, from May to September 2020, we recorded hundreds of thousands of encounters of the Adrozek malware across the globe, with heavy concentration in Europe and in South Asia and Southeast Asia,” Microsoft added. “As this campaign is ongoing, this infrastructure is bound to expand even further.”



Although the malware is so far aimed at inserting unauthorized ads, Microsoft is concerned Adrozek could one day be used for more malicious crimes, such as redirecting users to scam websites. The good news is that the company’s built-in Windows Defender antivirus can detect and block Adrozek.

“End users who find this threat on their devices are advised to re-install their browsers,” the company added.

