Microsoft has uncovered a new piece of malware, Adrozek, that has been attacking web browsers such as Chrome, Mozilla Firefox, and others. In a blog post on 10th December, the company revealed that the malware has been active since May 2020. It describes the malware as a very sophisticated kind that injects ads into browsers.
The Adrozek malware is so powerful that it can even go undetected at times. The malware may even help hackers steal sensitive information from users. It floods web browsers with excessive ads; once the user clicks on these ads, they are taken to different websites. The culprits earn money based on the level of traffic they draw to these websites. It has a wide infrastructure for spreading malware.
Microsoft also noted that in August, the malware had impacted over 30,000 devices. It added that although these malware attacks happened all around the world, they were concentrated in Europe and Southeast Asia. It mentioned that, apart from injecting ads, Adrozek added browser extensions, changed browser settings, and altered DLLs.
Microsoft also revealed more information about Adrozek, such as how it is spread and the precautions that one can take to avoid becoming a victim of it.
The company said that the malware is installed through a “drive-by download”. It explained that the malware was traced back to 159 domains, each with a varying number of URLs. This huge infrastructure makes it easy for the attackers to spread malware. The files run an .exe file in the %temp% folder. It is disguised as a legitimate file with a genuine name.
Once the file is installed, Adrozek starts making changes to the browser settings and adds extensions. In Chrome, for example, it modifies the ‘Chrome Media Router’. It also makes changes to the security settings of the browsers, making them more vulnerable to attacks.
How to Protect Yourself from the Malware?
After disclosing all the details of Adrozek, Microsoft also recommended a few precautions. First and foremost, users should keep their browsers updated. They should also use URL filtering programs. And they should only download files from trusted websites and only click on trustworthy links. Microsoft Defender Antivirus, which is integrated with Windows 10, can detect and block Adrozek.
While ads can be annoying, Microsoft is concerned about the future use of Adrozek. It says that such malware can be used to carry out more serious crimes. Its concerns are valid, as cyber-attacks can destroy lives and systems. Hence, everyone should be wary of this malware.