Security News > 2020 > December > Microsoft: New malware can infect over 30K Windows PCs a day
Microsoft has warned of an ongoing campaign pushing a new browser hijacking and credential-stealing malware dubbed Adrozek which, at its peak, was able to take over more than 30,000 devices every day.
While Microsoft hasn't yet found evidence of Adrozek being used to push malware onto its victims' computers through the injected ads, this can happen at any time.
Seeing that this massive campaign is still active and spreading to new computers each day, Adrozek's infrastructure is still expanding and adding new host domains used to inject new and unique malware payloads.
The malware turns off security controls on Microsoft Edge and other Chromium-based web browsers, turns off safe browsing, and enables the hijacked extensions in incognito mode.
Adrozek gains persistence by adding registry entries and creating a new Windows Service named "Main Service" to have the main malware payload launched automatically on system startup.
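A defender can check a host for the browser setting changes and the service name described above. The following is an added example, not code from Microsoft or the original article; the Preferences key names (`safebrowsing.enabled`, `extensions.settings.<id>.incognito`) are assumptions based on the Chromium profile format, and the sample data is constructed.

```python
import json

# Constructed sample of a Chromium profile "Preferences" file (not real data).
SAMPLE_PREFERENCES = """
{
  "safebrowsing": {"enabled": false},
  "extensions": {
    "settings": {
      "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {"incognito": true, "path": "ext-a"},
      "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {"incognito": false, "path": "ext-b"},
      "cccccccccccccccccccccccccccccccc": {"path": "ext-c"}
    }
  }
}
"""

SERVICE_NAME = "Main Service"  # service name reported in the article


def audit_preferences(prefs):
    """Return findings for the browser setting changes described in the article."""
    findings = []
    # Assumed key: safebrowsing.enabled. A missing key is not treated as disabled.
    safebrowsing = prefs.get("safebrowsing")
    if isinstance(safebrowsing, dict) and safebrowsing.get("enabled") is False:
        findings.append("safe browsing is turned off")
    # Assumed key: extensions.settings.<id>.incognito
    extensions = prefs.get("extensions")
    settings = extensions.get("settings") if isinstance(extensions, dict) else None
    if isinstance(settings, dict):
        for ext_id in sorted(settings):
            entry = settings[ext_id]
            if isinstance(entry, dict) and entry.get("incognito") is True:
                findings.append(f"extension {ext_id} is enabled in incognito mode")
    return findings


def audit_services(display_names):
    """Return the service names that match the one named in the article."""
    wanted = SERVICE_NAME.lower()
    return [name for name in display_names if name.strip().lower() == wanted]


if __name__ == "__main__":
    for finding in audit_preferences(json.loads(SAMPLE_PREFERENCES)):
        print("[!]", finding)
    # Constructed service list; on a real host, export it from the service manager.
    print(audit_services(["Windows Update", "Main Service", "Print Spooler"]))
```

A user can enable an extension in incognito mode deliberately, so these findings are leads to review alongside the service check rather than proof of infection.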