Ad-scamming, login-stealing Windows malware is hitting Chrome, Edge, Firefox, Yandex browsers, says Microsoft

On Thursday Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud. Since at least May 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said. The code, which targets Google …

  1. Mahhn

    UN-bundled goodness

    "Microsoft says~~~ And it advises those who find the malware on their system to reinstall their browser."

    Well it's a pretty darn good thing that MS was required by governments to un-bundle IE from the OS, or everyone affected would have to reinstall Windows and not just their browser.

    1. sabroni Silver badge
      WTF?

      Re: good thing that MS was required by governments to UN-bundled IE

      "Google Chrome, Microsoft Edge, Mozilla Firefox, and Yandex Browser on Windows" No mention of IE in the article.

      Chrome is the popular Windows browser now, cross sold legally by Google from their search results page.

      Try and keep up.

      1. Andy The Hat Silver badge

        Re: good thing that MS was required by governments to UN-bundled IE

        And Edge relies on? ... come on, keep up ... and IE is not mentioned because ...?

        1) it's out of support

        2) it's not impacted due to not embedding nasty stuff that Google accountants like

        3) they forgot or

        4) they don't care?

        What about Vivaldi and Brave - is it the rendering engine that's compromised or something else?

      2. Anonymous Coward
        Anonymous Coward

        Re: good thing that MS was required by governments to UN-bundled IE

        "No mentioned of IE in the article" yeah, because it was back in the day. If they didn't do it back then, Edge would be bundled. Try not to overlook the obvious. ;)

    2. JCitizen
      Stop

      Re: UN-bundled goodness

      Not me! Between my IBM Rapport and my onboard HIPS they lose! I've had this fight before; these tools work, even in an infected environment. I've passed all six tests of the Anti-Key-Logger Test tool (AKLT) when faced with these attacks.

    3. Anonymous Coward
      Anonymous Coward

      Re: UN-bundled goodness

      Yes it's important and good that non core OS parts can be reinstalled.

      So I wonder if Defender Antivirus can be reinstalled now if needed. A few years back on a Windows 8 PC I was fixing, Defender Antivirus, or whatever it was called then, was hacked by some virus/malware and it couldn't clean it off the PC by itself because it was corrupted. I cleaned off the infection with other AV software but Defender Antivirus was still broken.

      In the end I had to install other AV software because at the time MS didn't have a way to reinstall their Defender Antivirus "because it would never need to be reinstalled because it was always installed" or some such bone-headed logic.

      1. pc-fluesterer.info
        Thumb Down

        Re: UN-bundled goodness

        Well, why do you use that crap called Windows in the first place? For usual office stuff Linux is more than sufficient. At my customers I very seldom see a robust reason for Windows. There are some, yes, and there are solutions for that.

  2. Anonymous Coward
    Anonymous Coward

    On the bright side, one of the sites mentioned in the linked Microsoft article appears to have GREAT deals on Windows and Office licenses!

    /s

    https://urlscan.io/screenshots/88723589-841e-4d3b-b1c7-0e18c53e37b7.png

  3. a_yank_lurker

    OS?

    From the reference to DLLs, I assume this has only been seen on Bloatware and not other OSes, but is this assumption correct? If so, why are the DLLs modifiable through the browser?

    1. doublelayer Silver badge

      Re: OS?

      The article specifies two things that your comment questions. First, the malware has only been seen on Windows. Second, it doesn't modify the DLLs through the browser, it installs a native binary which does it. That native binary is launched during an installer, which makes it easy to determine how the binary got elevated privileges to do it.
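      The point above is that the tampering is done to the browser's own files on disk by a native binary, not through the browser. One defender's check that follows from that, written here as an added example (it is not from the article, Microsoft's write-up or any commenter): a modified DLL or EXE no longer matches the vendor's Authenticode signature, so listing browser files whose signature is missing or invalid surfaces that kind of change. The install paths below are the usual defaults and are assumptions; adjust them for your machines.

```powershell
# Added example, not from the article or its commenters: report browser
# executables and DLLs whose Authenticode signature is missing or invalid.
# A file changed after signing reports HashMismatch; an unsigned file
# dropped into the directory reports NotSigned. Paths are assumed defaults.
$BrowserDirs = @(
    "$env:ProgramFiles\Google\Chrome\Application",
    "${env:ProgramFiles(x86)}\Google\Chrome\Application",
    "${env:ProgramFiles(x86)}\Microsoft\Edge\Application",
    "$env:ProgramFiles\Mozilla Firefox",
    "$env:LOCALAPPDATA\Yandex\YandexBrowser\Application"
)

function Get-BrowserSignatureReport {
    param([string[]]$Directories = $BrowserDirs)

    foreach ($dir in $Directories) {
        # Skip browsers that are simply not installed at this path
        if (-not (Test-Path -LiteralPath $dir)) { continue }

        Get-ChildItem -Path $dir -Recurse -Include *.exe, *.dll -File -ErrorAction SilentlyContinue |
            ForEach-Object {
                $sig = Get-AuthenticodeSignature -FilePath $_.FullName
                [pscustomobject]@{
                    Path      = $_.FullName
                    Status    = $sig.Status   # Valid, NotSigned, HashMismatch, UnknownError, ...
                    Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                    LastWrite = $_.LastWriteTime
                }
            }
    }
}

$report  = Get-BrowserSignatureReport
# Anything other than 'Valid' deserves a human look; newest modifications first,
# since a recent LastWrite on a core browser DLL is the more telling signal.
$suspect = $report | Where-Object { $_.Status -ne 'Valid' }

if ($suspect) {
    $suspect | Sort-Object LastWrite -Descending | Format-Table Status, LastWrite, Signer, Path -AutoSize
} else {
    Write-Host "All browser executables and DLLs in the checked directories carry valid signatures."
}
```

      Run it from an elevated PowerShell so every file under Program Files is readable; the script only reads files and never deletes anything. A HashMismatch or NotSigned result on a file such as chrome.dll is exactly the state the article's advice addresses: reinstall the browser rather than trying to patch individual files.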

      1. John Brown (no body) Silver badge
        FAIL

        Re: OS?

        And no one would ever accidentally install a downloadable upgrade binary executable by clicking the "X" to close the window, would they? Not even MS would ever be so underhand as to switch the close "X" button to mean "please install me".

        1. illiad

          Re: OS?

          Click X??? :O that is why many are still using win7 or even XP!!! (with IE etc **removed**)

          a good AV and malware scanner, no problems!!

          and hackers don't attack 'ancient software!!!

          1. pc-fluesterer.info
            Trollface

            Re: OS?

            you forgot to supply the 'irony' flag. :-)

      2. bombastic bob Silver badge
        Linux

        Re: OS?

        So, does running 'NoScript' protect you? How about generic ad blockers? Or maybe just simple popup blocking?

        It would be interesting to know if any of these "irritation blockers" are also preventing accidental download (and running) of executable installers...

        icon, because, Linux not vulnerable (apparently)

        1. doublelayer Silver badge

          Re: OS?

          That depends on your settings, and the best answer is "not intrinsically, but they probably help a lot of the time and certainly can't hurt". If you just block scripts, you can still get an ad with a misleading download link. Javascript didn't play a part in getting the malware onto the computer, so an HTML ad that looked convincing would have been enough. They might not have used plain HTML, in which case blocking JS would help, but they could have done so.

          An ad blocker is more likely to help, but it's not foolproof either. It won't necessarily get all ads, nor would it detect things like fake sites hiding in search results. If you ever found a link leading to the malware, it wouldn't protect you from the file. The best it can do is prevent you from seeing such a link injected from an ad server.

          1. JCitizen
            Pirate

            Re: OS?

            Web of Trust helps me analyse search results by reputation, but it isn't foolproof either - however an in-depth defense can make the crooks jump more fences to get at your browser - better than nothing any day.

            1. pc-fluesterer.info
              Thumb Down

              Re: OS?

              WOT was caught spying.

        2. JCitizen
          Megaphone

          Re: OS?

          MBAM has a Chrome extension that blocks malware, but even it can't stop it if you have to allow ads to view a site. At least I'm pretty sure of that - besides, with today's undetectable APTs, any anti-malware is going to have a hard time detecting the initial intrusion. Last time it happened to me Edge crashed and prevented the installation of a BHO which definitely did NOT have my best interests at heart!

  4. Anonymous Coward
    Mushroom

    End of the world.

    Well we are all doomed (except for Linux users for now). I don't think anybody really cares about the advertising fraternity being screwed over for fees. What does concern me is "stored user credentials": shopping, banking, local services and email accounts make phishing expeditions pointless. Why try to trick someone into giving up an email address when you can waltz in and take it. JavaScript has a lot to answer for. A specially crafted script can access any part of your computer and other computing devices connected on a network (my router for instance).

    Still it's only Microsoft.

    1. doublelayer Silver badge

      Re: End of the world.

      This isn't Javascript. It's a native binary attached to software installers which replaces a browser binary with another native binary. Where did you get Javascript from?

    2. Anonymous Coward
      Anonymous Coward

      Re: End of the world.

      You're blaming the billboard with "Trump 2020" on it for bad government?

      Sounds more like the standard voter manually selects a candidate which then turns out to be really really bad for domestic affairs.

  5. jonathan keith

    NoScript to the rescue (again)

    After all, you can't click on a malware-loaded ad / link if it isn't there.

    1. slartybartfast

      Re: NoScript to the rescue (again)

      Is an ad blocker good enough? Personally, I never click on ads but it’s still a cause for concern though. I’d say better stick with a browser like Opera but I’m sure someone would come along and tell me how bad that browser is for privacy.

      1. slartybartfast

        Re: NoScript to the rescue (again)

        Just read it affects Chromium browsers so that rules out Opera as a 'safe' browser.

      2. illiad

        Re: NoScript to the rescue (again)

        seeing no probs here, adblock ultimate on FF - Ublock is for those OCD peeps who LOVE lots of typing and scripting, unlike *normal* busy people, who want a **quick, simple** method..

        Palemoon with adblock latitude (it's like the old FF, with its OWN addon library :) /www.palemoon.org/releasenotes.shtml

        https://itsfoss.com/basilisk-browser/ is a **good** mix of bits of latest FF, but nice old interface.. :)

        1. ThatOne Silver badge
          WTF?

          Re: NoScript to the rescue (again)

          > Ublock is for those OCD peeps who LOVE lots of typing and scripting

          Are you kidding???

          My whole family has been using uBlock Origin for years (older relatives without even knowing it), and never ever anybody had to type or script anything. It just works.

          1. illiad

            Re: NoScript to the rescue (again)

            yeah... so have you tried to stop a particular ad that keeps appearing?? an ugly picture that a website insists on displaying???

            I just click, 'block image' done.. :P seriously, IF you can show me it is that simple in ublock..

            1. Alumoi Silver badge

              Re: NoScript to the rescue (again)

              Me, with uBlock Origin, I just click 'Block element...' done.. :P seriously

              1. Aussie Doc
                Pint

                Re: NoScript to the rescue (again)

                Came to add precisely that. Have one on the house ------->

            2. ThatOne Silver badge

              Re: NoScript to the rescue (again)

              > so have you tried to stop a particular ad that keeps appearing?? an ugly picture that a website insists on displaying???

              By default no ads appear (it's an ad blocker, remember?), ever, so sorry, #1 never occurred yet.

              As for #2, as Alumoi already said, it's usually pretty simple for who has mastered the difficult art of the right-click and has enough eyesight to spot the "Block Element" menu option (helpfully highlighted by an icon).

              Seriously, do we really speak about the same thing? uBlock Origin?

    2. JCitizen
      Go

      Re: NoScript to the rescue (again)

      Yeah, blocking ads is the way to go - but what if you are visiting your favorite free site that needs ad revenue to stay in business? - I turn off all that stuff when I'm on my favorite sites - do I get attacked - YES - but a blended defense has saved me before.

      1. ThatOne Silver badge
        Flame

        Re: NoScript to the rescue (again)

        > ad revenue

        The problem is that the ad industry has killed the ad industry (well, at least for a small, but ever increasing, part of its prey).

        So, having conscientiously sawed off the branch they were sitting on, now they wonder what to do. Sorry, can't help here. Unless the ad industry goes back to light and inert ads which try to attract you by their interest and not by their raw firepower, I'm going to block the heck out of them.

        I could live with the innocuous banner ads of yesteryear, even when there is a lot of them, but definitely not with the current monsters constantly trying to take over my computer/tablet/phone, and making internet surfing like wading through a malodorous swamp (and I'm on fiber, I don't want to know what it must be for those on slow connections).

  6. reGOTCHA

    imagine a future without ads

    It's beautiful isn't it?

    Has anyone ever studied (as in real science) who is really taking the benefit from advertisement? The buyer or the seller?

    Someone would have to come up with a viable idea for supporting content based business besides ads.

    People would consume less, and every time you need something you would actually have to search for it and compare solutions. The environment would appreciate it. Companies would have to actually create value and drive innovation instead of slowing innovation for the sake of capitalizing on each insignificant evolution step with the help of marketing. Online markets would flourish and small business would play on the same arena as big corporations. The current economic indicators would probably go down and blink yellow, but those are in need of replacement anyways.

    1. Long John Silver
      Pirate

      Re: imagine a future without ads

      I have not been troubled by ads for years. Doubtless that is true for many readers. Of course it helps to not use an operating system like Windows for domestic users, which in recent incarnations has become centred upon pushing products for Microsoft and its "trusted partners".

      Linux is not immune from ads as evinced through bundled proprietary versions of Android on devices. However, there is plenty of software available to kill ads without need of the complexity and perils of 'rooting'.

      The worst examples of ad-pushing are found in Amazon's Kindle pads. It has reached the point where people face dual pricing; that is, having to pay more for Kindle devices without the most blatant and intrusive advertising turned on.

      That did not deter me from buying a cheaper version and then using Google platform tools to disable nasty features including the Kindle store, Google store, and software updating. It is used as a simple 'book device' (DRM-disabled works) and only connects to the Internet for side-loading from F-Droid and to my Intranet for transfer of reading material. I may root it when helper software becomes available for my recent model, but even as it now is (i.e. software disabled rather than deleted) the device offers excellent value for money.

      Perhaps needless to say, during initial setup I registered a dummy Amazon account and declined to link it to a credit card. Now that it has been purged of various nasty features it can no longer call home. Moreover, drain on computational resource must have been reduced by disabling many background tasks.

      Using it primarily for offline tasks and storing no personal information means security is not an issue.

      1. illiad

        Re: imagine a future without ads

        I find it much simpler to just unplug the internet...

  7. Anonymous Coward
    Anonymous Coward

    Windows....

    It's always Windows......

    1. DryBones

      Re: Windows....

      Aiming for the big target is what you do...

      1. pc-fluesterer.info
        FAIL

        Re: Windows....

        Aiming for the WEAKEST target is what you do...

  8. Cardinal

    @DryBones

    Stand back a minute while I give this half-brick a try!
