Adrozek Is A New Malware Strain With Big Plans

December 21, 2020

Written by wukovits

Microsoft recently issued a warning about an ongoing malware campaign they discovered. It seeks to install a new browser hijacking, credential stealing malware strain called Adrozek onto as many PCs as possible.

Based on Microsoft’s analysis of the campaign, at its peak, it was able to infect more than 30,000 devices every single day.

Microsoft had this to say about the malware on a recent blog post:

“The Adrozek attackers…operate the way other browser modifiers do, which is to earn through affiliate ad programs, which pay for referral traffic to certain websites. The intended effect is for users, searching for certain keywords, to inadvertently click on these malware-inserted ads, which lead to affiliated pages. The attackers earn through affiliate advertising programs, which pay by the amount of traffic referred to sponsored affiliated pages.”

While it’s unclear who’s behind the campaign, it’s obviously a group of hackers and not an individual. The campaign spans 159 domains that host an average of 17,300 URLs that have delivered more than fifteen thousand polymorphic malware samples. These have been delivered to infected devices between May through September of this year (2020).

It’s a well-designed piece of code capable of slipping past many security measures and infecting Microsoft Edge and other Chromium-based browsers, along with Google Chrome and Mozilla Firefox browsers. Once installed, it will begin quietly installing browser extensions in the background and give itself some persistence by adding new registry entries and creating a new Windows Service cryptically named “Main Service,” which makes it notoriously difficult to be rid of once it makes its way onto a target device.

If there’s a silver lining to be found, it lies in the fact that so far at least, the main purpose of this malware strain seems to be to make money for its controllers via ads, which makes it a low-priority, non-urgent threat. That, however, could easily change any time the hackers felt so inclined.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

New Graphene Technology May Increase Hard Drive Storage

HDDs are old, well understood technology. They haven't changed much in recent years. In fact, increasingly, people are writing them off, preferring SSDs for their greater speed and smaller size, even though HDDs are less expensive. The clever folks at the University...

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Send us a message

Your message was sent.