A “persistent malware campaign” has been actively distributing an evolved browser modifier malware at scale since at least May 2020, revealed Microsoft. At its peak in August, the threat was observed on over 30,000 devices every day.
The malware was designed to inject ads into search engine results pages. The threat affects multiple browsers — Microsoft Edge, Google Chrome, Yandex Browser, & Mozilla Firefox — exposing the attackers’ intent to reach as many Internet users as possible, claimed Microsoft in this blog post.
This “family of browser modifiers Adrozek”, as Microsoft calls it, can create havoc if not detected & blocked, Adrozek adds browser extensions, modifies a specific DLL per target browser, & changes browser settings to insert additional, unauthorized ads into Web pages, often on top of legitimate ads from search engines. The intended effect is for users, searching for certain keywords, to inadvertently click on these malware-inserted ads, which lead to affiliated pages. The attackers earn through affiliate advertising programs, which pay by amount of traffic referred to sponsored affiliated pages.
For more, click here.
Image credit: Microsoft
