- A new malware dubbed Adrozek by Microsoft is affecting three of the most popular web browsers in the world —
Google Chrome ,Mozilla Firefox andMicrosoft Edge . - The malware is capable of messing with your browser’s security settings, installing fake extensions, and ultimately pushing out more ads amid your search results.
- Users in India, Europe and Southeast Asia are among the most impacted by the new malware.
The Microsoft 365 Defender Research Team calls this family of malware ‘Adrozek’. It messes with the web browsers’ security, pulls in malicious browser extensions, and makes changes to users’ computers without their consent.
And, users in India are among the worst affected. Other places with a heavy concentration of attacks include Europe and Southeast Asia.
Microsoft claims that Adrozek has been on the prowl since at least May 2020. By August, it was launching attacks against as many as 30,000 devices every day.
Its distribution networks sprawl across 159 unique domains. On average, each domain can host an average of 17,3000 unique URLs. These URLs, in turn, can host an average of 15,300 malware samples.
That means there’s a grand total of over 42 billion different malware samples just waiting to latch onto their latest victim.
Once installed, Adrozek makes multiple changes to browser settings and components. These changes allow the malware to inject ads into search engine result pages.
Extensions replace toolbars
Browsers are among the most popular targets for hackers since the days of yore.
Just over a decade ago, unwanted ‘free toolbars’ were the flavour of the season. Installing software from unverified sources could lead to Yahoo becoming the default search engine and no matter times you get your original settings back, the toolbar would just keep returning.
While Adrozek doesn’t come with toolbars, it’s installing malicious extensions instead — malicious extensions that look a lot like the real thing.
On Chrome, for example, the malware often makes changes to the Chrome Media Router service to install ‘Radioplayer’, which sounds legitimate enough until you actually try and use it.
The real danger of Adrozek
What makes Adrozek more potent than the other threats hanging out in the dark spaces of the internet is its ability to modify your security settings. “The malware maintains persistence and exfiltrates website credentials, exposing affected devices to additional risks,” Microsoft said in its blog post.
And, the fact that it can attack different types of browsers with ease makes it difficult to stop.
What do you do if infected with Adrozek?
If you think you’re one of the users who has been affected by this new malware, Microsoft recommends re-installing the browser from scratch. It also suggests installing some kind of URL filtering solution that can detect such malware before it’s installed.
SEE ALSO:
$4
$4
$4