Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers (11th December, 2020)

Ref# Adrozek | Date: Dec 15th 2020

Description

Researchers are warning of a new malware designed to inject ads into search results and add malicious browser extensions.

Summary

Several popular web browsers, including Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox, are affected by new malware designed to inject ads into search results and add malicious browser extensions. Microsoft discovered the malware, Adrozek, in May; it reached its high point in August, affecting over 30,000 devices every day. Microsoft explains that the malware adds browser extensions, makes changes to a specific DLL per target browser, and changes browser settings to insert additional ads into web pages, often on top of legitimate ads from search engines. Adware is not usually considered a serious threat, but it can still be dangerous because it is capable of extracting users' location and other credentials, creating a risk of unauthorized access to personal information.

How it Works

The Adrozek malware, which currently affects systems running the Windows operating system, modifies some of the browsers' DLL files to change browser settings and disable security features. Once these changes are made, the malware halts automatic browser security updates, allows the malicious extensions to run without obtaining the appropriate permissions, and even hides the extension from the toolbar. Adrozek patches the function that launches the integrity check. This patch makes the integrity check null and void, which in turn makes the browser potentially more vulnerable to hijacking or tampering.
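
A signed browser DLL that has been modified on disk no longer matches its Authenticode signature, so a signature sweep of the browser install directories is one way to look for the kind of DLL tampering described above. The PowerShell below is an added example, not part of the original alert or of Microsoft's tooling; the directory list is an assumption based on default install locations, and the function name is hypothetical.

```powershell
# Added example: report browser DLLs whose Authenticode signature does not validate.
# Assumption: browsers are installed in their default locations; adjust as needed.
$browserDirs = @(
    "$env:ProgramFiles\Google\Chrome\Application",
    "${env:ProgramFiles(x86)}\Google\Chrome\Application",
    "$env:LOCALAPPDATA\Google\Chrome\Application",
    "${env:ProgramFiles(x86)}\Microsoft\Edge\Application",
    "$env:ProgramFiles\Mozilla Firefox",
    "${env:ProgramFiles(x86)}\Mozilla Firefox",
    "$env:LOCALAPPDATA\Yandex\YandexBrowser\Application"
)

function Get-UnverifiedBrowserDll {
    param([string[]]$Path)

    foreach ($dir in $Path) {
        # Skip locations where no browser is installed.
        if (-not (Test-Path -LiteralPath $dir)) { continue }

        Get-ChildItem -LiteralPath $dir -Filter *.dll -File -Recurse -ErrorAction SilentlyContinue |
            ForEach-Object {
                $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
                # 'Valid'        : file hash still matches the publisher's signature.
                # 'HashMismatch' : file content changed after it was signed.
                # 'NotSigned'    : no signature to verify; review manually.
                if ($sig.Status -ne 'Valid') {
                    [pscustomobject]@{
                        Path     = $_.FullName
                        Status   = $sig.Status
                        Signer   = $sig.SignerCertificate.Subject
                        Modified = $_.LastWriteTime
                        SHA256   = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                    }
                }
            }
    }
}

$findings = Get-UnverifiedBrowserDll -Path $browserDirs
if ($findings) {
    $findings | Sort-Object Status, Path | Format-List
} else {
    Write-Output 'All browser DLLs found carry a valid Authenticode signature.'
}
```

Any file reported with a status other than `Valid` is a candidate for review, not proof of infection; compare it against a copy from a fresh download of the same browser version.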

It is advised that users download browser updates directly from the browser's official website.

The Guyana National CIRT recommends that users and administrators review this alert and apply it where necessary.

References

Lakshmanan, R. (2020, December 11). Watch Out! Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browser. Retrieved from The Hacker News: https://thehackernews.com/2020/12/watch-out-adrozek-malware-hijacking.html

News18.com. (2020, December 13). Microsoft Exposes New Adrozek Malware That Is Impacting Chrome, Edge, and Firefox Browsers With Adware. Retrieved from News 18: https://www.news18.com/news/tech/microsoft-exposes-new-adrozek-malware-that-is-impacting-chrome-edge-and-firefox-browsers-with-adware-3173702.html