Video
A purported advert blocker marketed as a safety resolution leverages a Microsoft-signed driver that inadvertently exposes victims to harmful threats
21 Jul 2024
This week, ESET researchers have launched their findings about HotPage, a browser injector that leverages a driver developed by a Chinese language firm and signed by Microsoft.
The malware masquerades as an “Web café safety resolution” with ad-blocking capabilities. In actuality, nevertheless, it shows game-related adverts and may modify or change the contents of a requested web page, redirect the person to a different web page, or open a brand new web page in a brand new tab based mostly on sure situations.
What’s extra, it additionally inadvertently leaves the door open for different threats to run code on the highest privilege degree in Home windows – the SYSTEM account.
Watch as Tony dives into the story and explains how certificates abuse continues to be a sizzling subject.
