Microsoft has discovered a new malware named Adrozek, which severely impacts Google Chrome, Microsoft Edge, and Firefox browsers with Adware. According to sources, the Adrozek malware has affected over 30000 devices every day. The Adrozek malware automatically adds browser extensions, inserts unauthorized ads into web pages by changing browser settings including modifying a specific DLL file per target browser.
The Adrozek malware is designed exclusively to inject ads into search results. The modus operandi is that attackers earn via affiliate advertising programs. The ads will display ads in such a way that it motivates you to click. If you click on the ad without any knowledge, then the Adrozek malware will be activated on your computer and will start earning revenues as well. Even though adwares are not that much dangerous, they are capable of extracting user’s location and other personal credentials. Hence, hackers will be able to access your system via backdoor channel.
According to Microsoft, the Adrozek malware has affected large number of web browsers because of the nature of the malicious campaign. The process enables attackers to dissect website credentials, which exposes affected devices to various risks. The company sources have claimed that they have tracked 159 unique domains with an average of 17300 unique URLs alongside over 15300 polymorphic malware samples. Moreover, users based in India and Western European counties are worst affected by dangerous Adrozek malware.
Commenting on the development, Microsoft 365 Defender research Team disclosed that the Adrozek malware automatically modifies DLL files to change browser settings and also disables security features. The malware halts automatic browser security updates. Moreover, the malicious extensions will be run without appropriate permissions and hiding the extension from the Toolbar. The malware works by patching the function that launches the integrity check. The two-byte patch nullifies the integrity check and thus making the browser vulnerable to hijacking and tampering. As of this writing, Adrozek malware has only impacted Windows devices. We don’t have any information as to whether the malware has caused troubles on systems loaded with Linux and macOS operating systems.
How to prevent Adrozek Malware?
Microsoft has recommended users to download Microsoft Defender Antivirus with integrated Endpoint protection, which will block threats using behavior-based machine learning-powered protections. If you feel that your system has been compromised then you should instantly uninstall the browser and run a premium Antivirus solution to get rid of the Adrozek malware. You should update your Antivirus solution on a daily basis so that your system will remain protected. It is advisable to run the antivirus software twice to make sure that the malware has vanished from the system. You should also update your copy of Windows 10 to stay protected against malwares, viruses, trojans, and other harmful elements.
