Microsoft: New malware can infect over 30K Windows PCs a day (December 2020)

Microsoft has warned of an ongoing campaign pushing a new browser hijacking and credential-stealing malware dubbed Adrozek which, at its peak, was able to take over more than 30,000 devices every day.
While Microsoft hasn't yet found evidence of Adrozek being used to push malware onto its victims' computers through the injected ads, this can happen at any time.
This massive campaign is still active and spreading to new computers each day, and Adrozek's infrastructure is still expanding, adding new host domains used to inject new and unique malware payloads.
The malware turns off security controls on Microsoft Edge and other Chromium-based web browsers, turns off safe browsing, and enables the hijacked extensions in incognito mode.
Adrozek gains persistence by adding registry entries and creating a new Windows Service named "Main Service" to have the main malware payload launched automatically on system startup.