"This is a great example of how technically advanced modern attackers are," Erich Kron, security awareness advocate at KnowBe4, said, "campaigns like this quietly run in the background generating income by redirecting search results." Kron also pointed out that "the addition of credential theft from the Firefox browser is a valuable tool," and one which is "successful because people often reuse the same password for many different accounts." Cybercriminals are quick to evolve with innovative new ways to finance their livelihoods, and this is the sort of malware that regularly goes on behind the larger-scale attacks such as data breaches." Jake Moore, a cybersecurity specialist at ESET, said that "hijacking search results may sound harmless but this sort of malware funds cybercrime and future widespread attacks. "A lot of drive-by downloads occur through malicious scripts," Bischoff continued, "so a script blocker extension like NoScript could help protect your browser." Microsoft mentions that infections occur through "drive-by downloads", which is not very specific," Paul Bischoff, privacy advocate at Comparitech, said. "Microsoft didn't specify what interactions are required for Adrozek infections to occur, so it's difficult to give practical advice on how to prevent it.
MORE FROM FORBES Microsoft Confirms Serious Windows 10 Password Problem-Here's The 5 Step Fix By Davey Winder Security experts advise caution Of course, prevention is better than cure, and not downloading software from untrusted sources and clicking on links to suspicious websites goes a long way as well. The researchers say that "Microsoft Defender Antivirus, the built-in endpoint protection solution on Windows 10, uses behavior-based, machine learning-powered detections to block Adrozek." They also state that users who find themselves infected by this threat should "re-install their browsers" to get rid of it. Re-install browser if infected, Microsoft advises It will also prevent browsers from being updated to the latest version and in some cases can attempt to steal login credentials. Within the Edge browser, for example, a DLL is modified to prevent security controls from functioning correctly. However, because the malware maintains persistence and does more than just install malicious adverts, it's more serious than most such campaigns.
0 kommentar(er)
