Published in News

Microsoft warns of new Adrozek malware

by on11 December 2020

Targets all the major browsers

Microsoft has given details about a new malware campaign targeting major browsers such as Google Chrome, Microsoft Edge, Yandex, and Mozilla Firefox.

Dubbed "Adrozek" the browser modifiers have been active since May 2020, injecting advertisements into search results. These malware-inserted ads lead users to other webpages which pay the attackers by amount of traffic received on their website via Adrozek. Microsoft noted that in August 2020, over 30,000 devices were infected by the malware.

But Adrozek is tricky because it persists in the machine, and can steal credentials as well. It is  distributed via drive-by downloads from 159 domains hosting hundreds of thousands of unique URLs.

Microsoft warned that while the main purpose of this malware family so far has been to insert ads into search results, given the control it manages to establish over a machine as part of its sophisticated attack chain, this can change anytime and become even more dangerous. This is apparent from the credential theft activity Adrozek already carries out on Firefox.

While Microsoft Defender now blocks detects and blocks Adrozek using machine learning capabilities, the company has stated that victims of the attack should reinstall their browsers and educate themselves about the dangers of downloading from untrusted websites. Microsoft has also encouraged users to use solutions such as URL filtering offered by Smartscreen on the Edge browser. Meanwhile, organizations have been recommended to only allow authorised apps and services by making use of enterprise-grade solutions available on Microsoft Edge.

Last modified on 11 December 2020
Rate this item
(0 votes)

Read more about: