Microsoft Warns Of Sinister Adrozek Malware Injecting Into Your Favorite Web Browsers
Simply put, malware and adware suck, especially when they try to be sneaky. Thankfully, Microsoft is on the prowl for malicious software trying to worm its way onto people’s systems. Microsoft has been tracking a “persistent malware campaign” since at least May of this year, one that peaked in August with over 30,000 devices infected. The malware, dubbed “Adrozek,” adds browser extensions, modifies DLL files, and inserts ads into web pages and search results. Perhaps it is time to run a malware scan, eh?
The family of browser-modifying malware called Adrozek is quite the little bugger as far as malware goes. It affects multiple browsers, including Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox, “exposing the attackers’ intent to reach as many Internet users as possible.” Moreover, the attackers have effectively shotgun-blasted the malware across the internet, with Microsoft tracking “159 unique domains, each hosting an average of 17,300 unique URLs, which in turn host more than 15,300 unique, polymorphic malware samples on average.”
Ultimately, this infrastructure of 159 domains “distribute[d] hundreds of thousands of unique malware samples” through “drive-by downloads.” This means that all a user had to do was visit a site that hosted the malware, and it would be downloaded in the background. Another critical part of this malware is that it is polymorphic: each sample is varied slightly so that it can avoid detection by a variety of malware blockers. Even though each instance of the malware differed slightly from the others, it generally followed the same steps once on a device. Microsoft has laid out the attack chain in the image below to explain what happens.