Security News > 2020 > December > Watch Out! Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers
Microsoft on Thursday took the wraps off an ongoing campaign impacting popular web browsers that stealthily injects malware-infested ads into search results to earn money via affiliate advertising.
The campaign - which impacts Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox browsers on Windows - aims to insert additional, unauthorized ads on top of legitimate ads displayed on search engine results pages, leading users to click on these ads inadvertently.
"However, the fact that this campaign utilizes a piece of malware that affects multiple browsers is an indication of how this threat type continues to be increasingly sophisticated. In addition, the malware maintains persistence and exfiltrates website credentials, exposing affected devices to additional risks."
Although modern browsers have integrity checks to prevent tampering, the malware cleverly disables the feature, thus allowing the attackers to circumvent security defenses and exploit the extensions to fetch extra scripts from remote servers to inject bogus advertisements and gain revenue by driving traffic to these fraudulent ad pages.
What's more, Adrozek goes one step further on Mozilla Firefox to carry out credential theft and exfiltrate the data to attacker-controlled servers.
News URL
Related news
- New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data (source)
- Microsoft says Edge browser is now 9% faster after optimizations (source)
- Chrome 136 fixes 20-year browser history privacy risk (source)
- Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware (source)
- Google Chrome to block admin-level browser launches for better security (source)
- 100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads (source)
- Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware (source)
- ⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs (source)