Batu69 Posted November 11, 2016 Share Posted November 11, 2016 Microsoft has automatically removed malicious software that hijacked the browser of internet users and had rootkit capabilities from 1.2 million Windows computers. The malware is called BrowserModifier:Win32/Soctuseer and is be installed when downloading software from third-party websites. Computers infected by Soctuseer will show advertisements with discounted or lower prices, related to the product that the user is searching from popular online shopping websites. The advertisements have the attribution name of “Social2Search”. For example, if an user searches for “tablet”, Soctuseer will show pop-up advertisements for tablets on other websites. The malware is able to do its job in all major browsers like Firefox, Chrome, Internet Explorer and Edge because it uses a NetFilter driver and directly injects a DLL into the browser’s process. Soctuseer also has rootkit capabilities to conceal its presence on a computer. Microsoft discovered 1.2 million computers that are infected with Soctuseer, mainly in the United States, Indonesia and India. These computers were automatically cleaned by the built-in Windows tool Malcious Software Removal Tool (MSRT) during yesterday’s Patch Tuesday. When updates are installed, MSRT automatically scans the computer for malware and removes any malware it finds. Article source Link to comment Share on other sites More sharing options...
nIGHT Posted November 12, 2016 Share Posted November 12, 2016 I think MS did forced update my OS too yesterday to protect it against this. I don't know but maybe that was the reason or it's just a coincidence. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.