How a legitimate and signed driver left the doors open to threats – Week in Security with Tony Anscombe
- by nlqip
Video
A purported ad blocker marketed as a security solution hides kernel-level malware that inadvertently exposes victims to even more dangerous threats
21 Jul 2024
This week, ESET researchers have released their findings about HotPage, a browser injector that leverages a driver developed by a Chinese company and signed by Microsoft.
The malware masquerades as an “Internet café security solution” with ad-blocking capabilities. In reality, however, it displays game-related ads and can modify or replace the contents of a requested page, redirect the user to another page, or open a new page in a new tab based on certain conditions.
What’s more, it also inadvertently leaves the door open for other threats to run code at the highest privilege level in Windows – the SYSTEM account.
Watch as Tony dives into the story and explains how certificate abuse is still a hot issue.
Connect with us on Facebook, Twitter, LinkedIn and Instagram.
Source link
lol
Video A purported ad blocker marketed as a security solution hides kernel-level malware that inadvertently exposes victims to even more dangerous threats 21 Jul 2024 This week, ESET researchers have released their findings about HotPage, a browser injector that leverages a driver developed by a Chinese company and signed by Microsoft. The malware masquerades as…
Recent Posts
- Discord rolls out end-to-end encryption for audio, video calls
- Europol takes down “Ghost” encrypted messaging platform used for crime
- Phison President Promises AI Training, Tuning With A $50K Workstation
- Canary Trap’s Bi-Weekly Cyber Roundup – Canary Trap
- Cisco CX Leader Denzil Samuels Leaves For Solution Provider Behemoth NTT Data