Never underestimate the damage that malware can do. It’s used by cybercriminals for all sorts of sketchy, illegal reasons but often to steal your data and your money.
That’s why you’ll always find malware lurking in email downloads, links or other corners of the web. Plus, about half of the products on the market fail to stop online threats like these.
Some variations are far worse than others, and cybersecurity researchers just found a dangerous type of malware that not only infects your computer, but takes over your web browser. Here’s what you need to know to stay safe.
The dangerous new type of malware that can hijack your browser
The Microsoft 365 Defender Research Team released a report on Thursday about a dangerous new strain of malware. Known as Adrozek, this malware infects a computer, then modifies your browser of choice to inject sketchy ads into the search results pages.
It spreads by one of the most commonly used schemes: the drive-by download. This is done by redirecting you from legitimate websites to malicious sites. Once there, these sites try to trick you into installing infected software under the guise of it being a legitimate download.
After the infected software is downloaded, it installs the Adrozek malware, which then looks for an installed web browser, such as Google Chrome, Mozilla Firefox or Microsoft Edge.
If it locates one of the browsers on the user’s computer, the malware will then force-install an extension that modifies the browser.
These modifications include:
- Disabling browser updates, the Safe Browsing feature or file integrity checks
- Registering/activating the malicious extension
- Allowing the unwanted extension to run in incognito mode or without the appropriate permissions
- Hiding the extension from the toolbar
- Modifying the browser’s default home page or default search engine
Those changes allow the malware to inject ads into search results in order to direct traffic toward ad and traffic referral programs. Long story short, it ends up generating ad revenue for the cybercriminals behind the malware.
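The browser changes listed above leave traces in the browser profile's settings, which a defender can audit. The following Python check is an added example, not code from the Microsoft report or from this article; the key names follow a Chromium-style Preferences layout and are assumptions that vary by browser and version, and the sample data and the expected_hosts list are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample modelled on a Chromium-style Preferences file; the key
# names are assumptions for illustration and differ between browser versions.
SAMPLE_PREFS = json.loads("""
{
  "safebrowsing": {"enabled": false},
  "homepage": "http://search.example.invalid/",
  "default_search_provider_data": {
    "template_url_data": {"url": "http://search.example.invalid/?q={searchTerms}"}
  },
  "extensions": {"settings": {
    "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {"from_webstore": false, "incognito": true, "browser_action_visible": false},
    "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {"from_webstore": true, "incognito": false}
  }}
}
""")

def audit_prefs(prefs, expected_hosts=("www.google.com", "www.bing.com")):
    """Return review findings that match the browser changes listed above."""
    findings = []
    # Safe Browsing switched off
    if prefs.get("safebrowsing", {}).get("enabled") is False:
        findings.append("safe_browsing_disabled")
    # Extensions registered outside the store, allowed in incognito, or hidden
    for ext_id, cfg in prefs.get("extensions", {}).get("settings", {}).items():
        if cfg.get("from_webstore") is False:
            findings.append(f"not_from_store:{ext_id}")
        if cfg.get("incognito"):
            findings.append(f"incognito_allowed:{ext_id}")
        if cfg.get("browser_action_visible") is False:
            findings.append(f"hidden_from_toolbar:{ext_id}")
    # Home page or default search engine pointing at an unexpected host
    urls = {
        "homepage": prefs.get("homepage", ""),
        "search": prefs.get("default_search_provider_data", {})
                       .get("template_url_data", {}).get("url", ""),
    }
    for name, url in urls.items():
        host = urlsplit(url).hostname
        if host and host not in expected_hosts:
            findings.append(f"unexpected_{name}:{host}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_prefs(SAMPLE_PREFS)))
```

Each finding is a prompt for review rather than proof of infection, since users and administrators can make some of these changes deliberately.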
According to the report, the malware has been active since at least May 2020, and it appears to be widespread. As of August, Adrozek was controlling over 30,000 each day. Between May and September 2020, the researchers observed hundreds of thousands of Adrozek detections all over the globe.
Right now the majority of attacks are happening in Europe, South Asia and Southeast Asia. That doesn’t mean Adrozek won’t become worse in the U.S., so this is still something to be mindful of.
How to protect yourself against this and other malware
The tricky thing about malware is that it’s not easily recognized because it’s hidden behind things like downloads or social media buttons. It’s also hard to get rid of once it’s installed. Some malware can even survive if you erase and reinstall Windows.
If you want to avoid getting infected by Adrozek or other types of malware, you need to be proactive about the moves you make on the web. Check all of the URLs you visit to be sure you’re on the webpage you intended.
Other ways to protect yourself include:
- Avoid any emails from ANY unknown senders. Try to avoid opening emails from senders you don’t recognize. Opening an email won’t immediately infect your computer, but the links or attachments hidden within could cause issues.
- Don’t click the links in unsolicited emails. If you open an unsolicited email, do not click on any links. You can hover over a link to see what the URL is. That will give you an idea of whether or not it’s a real site you want or need to visit.
- Don’t download unsolicited attachments. If you didn’t ask for it, don’t download it. You’re running too big of a risk by doing this.
- Use reputable antivirus software and run regular scans. Most reputable antivirus software can protect you from issues like these. If it doesn’t automatically identify the malware, run regular scans, which will help you catch infections before they cause a major headache down the road.