"Ad-Injecting Malware Posing as DwAdsafe Ad Blocker Uses Microsoft-Signed Driver"
ESET researchers have found a sophisticated Chinese browser injector. This signed ad-injecting driver comes from a "mysterious" Chinese company. According to ESET, "HotPage" comes self-contained in an executable file, which installs its main driver and injects libraries into Chromium-based browsers. It poses as a security product capable of blocking ads but actually introduces new ads. In addition, the malware replaces the content of the current page, redirects the user, and more. This article continues to discuss findings regarding the ad-injecting malware.
Submitted by grigby1
Submitted by Gregory Rigby
on