Microsoft: New malware can infect over 30K Windows PCs a day
Microsoft has warned of an ongoing campaign pushing a new browser hijacking and credential-stealing malware dubbed Adrozek which, at its peak, was able to take over more than 30,000 devices every day.
While Microsoft hasn't yet found evidence of Adrozek being used to push malware onto its victims' computers through the injected ads, this can happen at any time.
With this massive campaign still active and spreading to new computers each day, Adrozek's infrastructure is still expanding and adding new host domains used to inject new and unique malware payloads.
The malware turns off security controls on Microsoft Edge and other Chromium-based web browsers, turns off safe browsing, and enables the hijacked extensions in incognito mode.
Adrozek gains persistence by adding registry entries and creating a new Windows Service named "Main Service" to have the main malware payload launched automatically on system startup.
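A triage check for the browser and persistence changes described above, added here as an example; it is not code from the original article or from Microsoft's report. The preference keys (`safebrowsing.enabled`, `extensions.settings.<id>.incognito`), the service record fields and all sample data are assumptions constructed for illustration.

```python
# Constructed sample inputs, not from a real host or from Microsoft's report.
# PREFS mimics a parsed Chromium preferences file (key names are assumed).
PREFS = {
    "safebrowsing": {"enabled": False},
    "extensions": {"settings": {
        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {"incognito": True},
        "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {"incognito": False},
    }},
}
SERVICES = [  # mimics exported Win32_Service records; paths are placeholders
    {"Name": "MainService", "DisplayName": "Main Service",
     "StartMode": "Auto", "PathName": "C:\\placeholder\\payload.exe"},
    {"Name": "Spooler", "DisplayName": "Print Spooler",
     "StartMode": "Auto", "PathName": "C:\\Windows\\System32\\spoolsv.exe"},
]


def check_browser_prefs(prefs):
    """Flag safe browsing turned off and extensions allowed in incognito."""
    findings = []
    if prefs.get("safebrowsing", {}).get("enabled") is False:
        findings.append("safe browsing is turned off")
    settings = prefs.get("extensions", {}).get("settings", {})
    for ext_id, ext in sorted(settings.items()):
        if isinstance(ext, dict) and ext.get("incognito") is True:
            findings.append(f"extension {ext_id} is enabled in incognito mode")
    return findings


def check_services(services, wanted="Main Service"):
    """Flag services whose name or display name matches, ignoring case/spaces."""
    key = wanted.replace(" ", "").casefold()
    hits = []
    for svc in services:
        names = (svc.get("Name") or "", svc.get("DisplayName") or "")
        if any(n.replace(" ", "").casefold() == key for n in names):
            hits.append(f"service {svc.get('Name')}: {svc.get('PathName')}")
    return hits


def triage(prefs, services):
    """Return leads to review; a user may have made these changes on purpose."""
    return check_browser_prefs(prefs) + check_services(services)


if __name__ == "__main__":
    for finding in triage(PREFS, SERVICES):
        print("[review]", finding)
```

A match on the service name alone is a weak signal, so confirm the binary path and signer before acting on it.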