An ongoing malware campaign designed to inject advertisements into search results and add malicious browser extensions is affecting the Google Chrome, Firefox, Microsoft Edge, and Yandex browsers, Microsoft revealed on Thursday. Dubbed Adrozek, the recently found malware family has been active at scale since at least May this year, and the attacks escalated in August, with the threat being noticed every day on more than 30,000 computers.
Microsoft said that from May to September, hundreds of thousands of Adrozek malware encounters were registered worldwide. The company monitored 159 unique domains, each hosting an average of 17,300 unique URLs, which in turn host more than 15,300 different, polymorphic samples of malware on average.
The ultimate purpose of the new malware campaign is to direct users to associated sites by serving malware-inserted advertisements in search results.
To begin with, the malware quietly adds malicious browser extensions and changes browser settings to inject ads into web pages, often on top of legitimate search engine advertisements. It is also reported to modify a DLL for each target browser, such as MsEdge.dll on Microsoft Edge, to turn off security controls.
Microsoft recommends that users install an antivirus solution such as Microsoft Defender Antivirus, which, as an integrated endpoint security solution, uses behaviour-based, machine-learning-powered detections to block malware families like Adrozek.