Fri. Apr 16th, 2021
browser

Microsoft has detected an active malware campaign affecting Chrome, Firefox, and Edge It is a malicious browser virus that changes settings to inject ads into search results.

The browser is the application we use the most today. Unlike what happened a few years ago, we currently work more with web services and cloud applications than with local files. For this reason, the browser has become one of the main targets for cybercriminals.

Now, Microsoft has detected an active campaign that is distributing Adrozek, a malware that hijacks the browser to change settings for malicious purposes and inject ads. It affects the browsers most used by users: Google Chrome, Mozilla Firefox, Microsoft Edge and Yandex.

According to the report by the Redmond company, Adrozek has been operating on a large scale since at least last May, and at its peak in August it infected more than 30,000 devices a day.

As you can see on the map above these lines, the most affected areas are Europe and Southeast Asia, and Spain is among them . Therefore, it is possible that your browser is infected and you have not realized it.

Once installed on the computer, the first thing this malware does is change the browser’s settings and components, and then it can inject ads into the search engine results pages. What it does is modify certain browser extensions to add malicious scripts, and it also manipulates certain DDL files to disable security controls.

After making these changes, Adrozek injects ads into the search results Therefore, if for example you use Google to do a search, your browser will show you a large ad unit before you can see the results, as you can see in the screenshot below. In this way, attackers manage to distribute their affiliate links, generating a lot of traffic and earning income for it.

If you use Firefox, you have to exercise caution because Adrozek also has the ability to steal your passwords in this browser. In case you are infected, Microsoft recommends removing the browser and reinstalling it from scratch to get rid of the threat.

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *