The Adrozek attack chain. (Source: Microsoft) Microsoft security researchers have been tracking a browser modifier dubbed Adrozek that is installed on an individual device and can modify four widely used browsers to inject ads into their search results.
The Microsoft 365 Defender Research Team says Adrozek has been attacking Microsoft Edge, Google Chrome, Yandex Browser and Mozilla Firefox since at least May with malware that injects ads into search engine result pages. Microsoft believes hundreds of thousands of devices could be affected. If not detected and blocked, Adrozek adds browser extensions, modifies a specific DLL per target browser, and changes browser settings to insert additional, unauthorized ads into web pages, often on top of legitimate ads from search engines, Microsoft says.