starbuck Posted May 22, 2016

Security researchers at Bleeping Computer are quick to discover emerging and revenant threats, and this time the team broke the alarm to a new variant of the Shopperz adware, thanks to the tipster in the name of Djordje Lukic.

Unlike in the past, the updated Shopperz adware now leverages a rootkit to ward off any possibility of getting detected and removed with the use of advanced anti-virus tools. Since it now takes refuge under a rootkit, the adware has the capability to conceal its real identity from the view of the users or the operating system of the machine that is being infected.

How does it do that? Well, when the machine's operating system sends a request to the malicious application, the adware intercepts those requests and instead sends back a report that is false in order to deceive the operating system.

One security researcher from Bleeping Computer tried to find out what the adware looked like. Here's what the researcher found: when the adware is installed in a machine, either intentionally or inadvertently, the user will see a number of ads on a variety of websites that he or she visits, ads that may look harmless at first look but in reality pose a threat to the site visitor. An attempt to view a folder from any of the content that comes with the infection would lead to a display of an error message that says the folder being attempted to open was not available due to an inconsistency with the parameter.

Bleeping Computer took an effort to locate the rootkits and found two drivers that were safely stored in the machine without the operating system detecting their presence. That is a clear indication that rootkit activity has been taking place.

GMER Detecting Rootkit Hooks

The return or revival of the Shopperz adware, whichever term best describes the incident, only attests to the fact that adware has become a force to reckon with. It is now difficult to control this kind of malware, as shown by recent incidents.

But what really adds a flavor of enigma to the situation is the apparent lack of action of a government agency in the name of the U.S. Federal Trade Commission toward the situation. Adware is designed to take screenshots of an infected computer without the user knowing it, conceal its hacking techniques, conduct man-in-the-middle attacks and drop miners onto a machine.

Source: http://www.techwalls.com/beware-of-new-variant-of-shopperz-adware/

More information at: http://www.bleepingcomputer.com/news/security/shopperz-adware-uses-a-rootkit-to-prevent-detection-and-removal/