Adware is limited not only to the display of advertisements, aggressive adware variant fact also brings the systems of users at risk, so warn researchers. Where most adware is only nests in the browser, the DynamicPricer-adware first switches off the automatic updates for Chrome and Firefox, and then install an older version of Chrome.
In this old Chrome version, which dates from February 2014, the adware displays all kinds of ads, reports anti-malware company Malwarebytes. The adware is installed via so-called software bundles, which besides the desired program to install all kinds of additional software. Recently warned researchers also adware already installed browsers on the computer trying to replace.
This trojan was hosted at cdn[dot]searchbook[dot]me. Which currently resides at an IP-address that has quite the history (198.232.127.32). If you know where to look you will be able to find other and more recent installers, but they are password protected zip files which will be unpacked by the bundle installer under “normal” circumstances.
VirusTotal Report
No comments:
Post a Comment