How adware exposed victims to kernel-level threats – Week in Security with Tony Anscombe

by admin 0 Comments

Cyber Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Video

A purported ad blocker marketed as a security solution hides kernel-level malware that inadvertently exposes victims to even more dangerous threats

Editor

21 Jul 2024

This week, ESET researchers have released their findings about HotPage, a browser injector that leverages a driver developed by a Chinese company and signed by Microsoft.

The malware masquerades as an “Internet café security solution” with ad-blocking capabilities. In reality, however, it displays game-related ads and can modify or replace the contents of a requested page, redirect the user to another page, or open a new page in a new tab based on certain conditions. 

What’s more, it also inadvertently leaves the door open for other threats to run code at the highest privilege level in Windows – the SYSTEM account.

Watch as Tony dives into the story and explains how certificate abuse is still a hot issue. 

Connect with us on FacebookTwitterLinkedIn and Instagram.

This article was originally published by Welivesecurity.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 – Nov 10)
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
Massive Telecom Hack Exposes US Officials to Chinese Espionage
Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims

Leave a Reply

Your email address will not be published. Required fields are marked *