A Microsoft research team has discovered an intricate scheme in which prominent web browsers are tampered with, exposing the user to a cascade of harmful consequences.
Dubbed “Adrozek,” an umbrella term for a family of browser modifiers, the malware is capable of changing specific DLL files, adding unauthorized web extensions, and inserting malicious ads on web pages, which are at times layered on top of legitimate advertisements.
The intended effect is that unwitting users click on the malware-inserted ads, which redirect to affiliated web pages and earn the attacker a profit. In a side-by-side comparison, the difference between the search results page of an infected browser and that of a non-infected one is as clear as night and day, but it may not be apparent to a user who is entirely unaware.
Because it can maintain a presence on the system, the malicious software is persistent in its attack, leading to the exfiltration of website credentials, which leaves the system susceptible to further risks, particularly with Mozilla Firefox.
While cybercriminals abusing potentially lucrative affiliate programs is nothing new, according to the Microsoft team, the way this campaign employs malware and affects multiple web browsers shows how the threat is evolving and becoming more sinister.
To reduce the chances of infection, the experts at Microsoft are urging users to employ mindful practices against malware, take advantage of URL filtering solutions like Edge’s Microsoft Defender SmartScreen, and keep their operating system and security solutions up to date.