Ad-scamming, login-stealing Windows malware is hitting Chrome, Edge, Firefox, Yandex browsers, says Microsoft
On Thursday Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud.
Since at least May 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said.
The code, which targets Google Chrome, Microsoft Edge, Mozilla Firefox, and Yandex Browser on Windows, mainly injects ads into search results pages.
"If not detected and blocked, Adrozek adds browser extensions, modifies a specific DLL per target browser, and changes browser settings to insert additional, unauthorized ads into web pages, often on top of legitimate ads from search engines," the Microsoft 365 Defender Research Team said in its blog post.
The installed code then makes changes to various browser components and settings to enable ad injection and credential theft.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/12/10/windows_malware_browsers/