New browser hijacker/click fraud malware threatens Windows users
Posted on 14.05.2014
In its latest Security Intelligence Report, Microsoft has noted that malware designed to make money for the attacker via click fraud, performing Bitcoin mining, and redirecting search results, has been plentiful in the last quarter of 2014.


Cyber crooks seem to love that type of malware, as if often lays undetected on the victims' computer, and makes money for them steadily and easily - they don't have to sell stolen data on underground forums, or risk being tied to direct extortion such as with ransomware.

Now, there are long-standing malware families of this kind that have proven to be extremely hardy and have been around for years, but new ones pop up all the time.

Take for example the Miuref, a piece of malware that hijacks browsers and search results. First detected in December 2013, the malware is spread via a number of vectors: spam emails, social engineering approaches trying to convince users to run its installer (the commercially available and legitimate Nullsoft installer), and via dropper Trojans.

According to Microsoft research, Miuref is capable of doing several things:
  • Report back to a C&C server and deliver information about the infected system
  • Install Chrome and Firefox extensions that redirect web searches to pages controlled by the attacker
  • Achieve the same for Internet Explorer via code injection
  • Perform click fraud by running additional hidden Internet Explorer processes, and sending clicks to online ads that appear to come from the pages controlled by the attacker
  • Download and run additional malware.
All in all, it's a well-rounded piece of malware that can do much harm to the users.

Microsoft's Security Essentials and Windows Defender (on Windows 8) detect it, so if you use those protections, keep them updated and/or active.









Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //