Beautiful Virgin Islands

Tuesday, Jun 03, 2025

Microsoft Warns 'Adrozek' Malware is Infecting Thousands of PCs to Insert Ads

Microsoft Warns 'Adrozek' Malware is Infecting Thousands of PCs to Insert Ads

'We recorded hundreds of thousands of encounters of the Adrozek malware across the globe, with heavy concentration in Europe and in South Asia and Southeast Asia,' Microsoft said.

A new malware strain has been spreading to hundreds of thousands of Windows PCs in an effort to inject unauthorized ads into users’ search results, according to Microsoft.

The company has been tracking "Adrozek," a malware family capable of modifying multiple browsers including Google’s Chrome, Microsoft’s Edge and Mozilla’s Firefox in order to insert the ads into search result pages.

“At its peak in August, the threat was observed on over 30,000 devices every day,” Microsoft warned in a blog post on Thursday.

Inserting the ads into your search results is certainly annoying. But the real threat is how the malware can also steal login credentials from the Firefox browser, and potentially give hackers a launching pad for more damaging crimes.

Adrozek works by modifying a browser’s Dynamic Link Libraries or DLL files to change the settings, including turning off the security safeguards and the automatic updates. The result can place links to ads alongside legitimate ads, as the example below shows.



“The intended effect is for users, searching for certain keywords, to inadvertently click on these malware-inserted ads, which lead to affiliated pages,” Microsoft said. “The attackers earn through affiliate advertising programs, which pay by amount of traffic referred to sponsored affiliated pages.”

To deliver the malware, the hackers have been resorting to drive-by downloads. This can occur when a user clicks on a malicious link or visits a website that’s been tampered with. The PC will trigger the malware to download, which can sometimes install itself on the computer by exploiting a software vulnerability.

Hence, it’s a good idea to always keep your browser up to date. In other cases, the user will install the malware from a drive-by download, believing it to be a safe program.



In this case, Adrozek will drop an .exe file in the PC’s “temp” folder. The .exe file will then deliver the main malware payload in the “Programs Files” folder using a file name such as “Audiolava.exe, QuickAudio.exe, and converter.exe,” Microsoft said.

The company tracked Adrozek’s distribution to 159 unique domains, which hosted tens of thousands of URLs to try and spread the malware.

“In total, from May to September 2020, we recorded hundreds of thousands of encounters of the Adrozek malware across the globe, with heavy concentration in Europe and in South Asia and Southeast Asia,” Microsoft added. “As this campaign is ongoing, this infrastructure is bound to expand even further.



Although the malware is so far aimed at inserting unauthorized ads, Microsoft is concerned Adrozek could one day be used for more malicious crimes, such as redirecting users to scam websites. The good news is that the company’s built-in Windows Defender antivirus can detect and block Adrozek.

“End users who find this threat on their devices are advised to re-install their browsers,” the company added.


Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
Harvard Urges US to Unfreeze Funds for Public Health Research
Businessman Mauled by Lion at Luxury Namibian Lodge
Researchers Consider New Destinations Beyond the U.S.
53-Year-Old Doctor Claims Biological Age of 23
Trump Struggles to Secure Trade Deals With China and Europe
Russia to Return 6,000 Corpses Under Ukraine Prisoner Swap Deal
Microsoft Lays Off Hundreds More Amid Restructuring
Harvey Weinstein’s Publicist Embraces Notoriety
Macron and Meloni Seek Unity Despite Tensions
Trump Administration Accused of Obstructing Deportation Cases
Newark Mayor Sues Over Arrest at Immigration Facility
Center-Left Candidate Projected to Win South Korean Presidency
Trump’s Tariffs Predicted to Stall Global Economic Growth
South Korea’s President-Elect Expected to Take Softer Line on Trump and North Korea
Trump’s China Strategy Remains a Geopolitical Puzzle
Ukraine Executes Long-Range Drone Strikes on Russian Airbases
Conservative Karol Nawrocki wins Poland’s presidential election
Study Identifies Potential Radicalization Risk Among Over One Million Muslims in Germany
Good news: Annalena Baerbock Elected President of the UN General Assembly
Apple Appeals EU Law Over User Data Sharing Requirements
South Africa: "First Black Bank" Collapses after Being Looted by Owners
Poland will now withdraw from the EU migration pact after pro-Trump nationalist wins Election
"That's Disgusting, Don’t Say It Again": The Trump Joke That Made the President Boil
Trump Cancels NASA Nominee Over Democratic Donations
Paris Saint-Germain's Greatest Triumph Is Football’s Lowest Point
OnlyFans for Sale: From Lockdown Lifeline to Eight-Billion-Dollar Empire
Mayor’s Security Officer Implicated | Shocking New Details Emerge in NYC Kidnapping Case
Hegseth Warns of Potential Chinese Military Action Against Taiwan
OPEC+ Agrees to Increase Oil Output for Third Consecutive Month
Jamie Dimon Warns U.S. Bond Market Faces Pressure from Rising Debt
Turkey Detains Istanbul Officials Amid Anti-Corruption Crackdown
Taylor Swift Gains Ownership of Her First Six Albums
Bangkok Ranked World's Top City for Remote Work in 2025
Satirical Sketch Sparks Political Spouse Feud in South Korea
Indonesia Quarry Collapse Leaves Multiple Dead and Missing
South Korean Election Video Pulled Amid Misogyny Outcry
Asian Economies Shift Away from US Dollar Amid Trade Tensions
Netflix Investigates Allegations of On-Set Mistreatment in K-Drama Production
US Defence Chief Reaffirms Strong Ties with Singapore Amid Regional Tensions
Vietnam Faces Strategic Dilemma Over China's Mekong River Projects
Malaysia's First AI Preacher Sparks Debate on Islamic Principles
White House Press Secretary Criticizes Harvard Funding, Advocates for Vocational Training
France to Implement Nationwide Smoking Ban in Outdoor Spaces Frequented by Children
Meta and Anduril Collaborate on AI-Driven Military Augmented Reality Systems
Russia's Fossil Fuel Revenues Approach €900 Billion Since Ukraine Invasion
U.S. Justice Department Reduces American Bar Association's Role in Judicial Nominations
U.S. Department of Energy Unveils 'Doudna' Supercomputer to Advance AI Research
U.S. SEC Dismisses Lawsuit Against Binance Amid Regulatory Shift
Alcohol Industry Faces Increased Scrutiny Amid Health Concerns
Italy Faces Population Decline Amid Youth Emigration
×