Security News > 2020 > December > Microsoft warns of ad-scamming, credential-stealing malware hitting Edge, Chrome, Firefox, Yandex browsers
On Thursday Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud.
Since at least May, 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said.
The code, which targets Google Chrome, Microsoft Edge, Mozilla Firefox, and Yandex Browser on Windows, mainly injects ads into search results pages.
"If not detected and blocked, Adrozek adds browser extensions, modifies a specific DLL per target browser, and changes browser settings to insert additional, unauthorized ads into web pages, often on top of legitimate ads from search engines," the Microsoft 365 Defender Research Team said its blog post.
The installed code then makes changes to various browser components and settings to enable ad injection and credential theft.
News URL
Related news
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)
- New Mac Malware Poses as Browser Updates (source)
- New FrigidStealer Malware Targets macOS Users via Fake Browser Updates (source)
- Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers (source)
- Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers (source)
- Microsoft admits GitHub hosted malware that infected almost a million devices (source)