A worrying situation has been unfolding in recent months: thousands of devices have been infected by Adrozek, a new malware that infiltrates systems and modifies the browser in order to saturate the user's search results with ads.
This is all that Microsoft has managed to decipher about the behavior of this malware so far. According to the company, the malware has been active since May of this year, and by August it had taken control of around 30 thousand browsers per day, a figure the company says represents its peak.
In addition, Microsoft estimated that between May and September hundreds of thousands of devices were infected with Adrozek.
The Microsoft 365 security research team used internal tools to visualize the areas of the world most affected by the malware. Among these, Europe is the region where Adrozek has gained particular strength and where the majority of infected devices have been detected.
The team was also able to determine that Adrozek is distributed in a sophisticated way: it detected 160 different pages from which the malware spreads, with more than 15 thousand installers carrying the malware.
Additionally, attackers make sure to constantly refresh dynamic URLs to avoid detection.
Through these pages Adrozek is downloaded and installed covertly, generally posing as another program. For this reason, it is recommended that applications be installed from verified distributors and official app stores.