Microsoft has just issued an advisory about an organized push of new Adrozek malware that is being distributed by well-organized attackers.
In its advisory Microsoft warns on the browser modifier that adds browser extensions and thus modifies a specific DLL on the target browser. Furthermore, the malware additionally changes browser settings to insert additional unauthorized ads into the web pages while also trying to steal your browser credentials.
In an attempt to stay undetected on the system Adrozek malware modifies browser settings and turns of automatic updates for the browser.
The intended effect is for users, searching for certain keywords, to inadvertently click on these malware-inserted ads, which lead to affiliated pages. The attackers earn through affiliate advertising programs, which pay by the amount of traffic referred to sponsored affiliated pages.
Image credit: Microsoft.com
The company also said that from May to September 2020 they have recorded hundreds of thousands of encounters of Adrozek malware across the globe being more concentrated in Europe and South Asia.
More information about the advisory can be found here.