Cybercriminals were able to trick their way into Microsoft’s secure ecosystem using malicious software disguised as a normal application. This became known thanks to an investigation conducted by cybersecurity experts from Eset.
Dubbed DWAdsafe and originally discovered in late 2023, the malware masquerades as a HotPage.exe installer that purports to improve website performance and block ads. However, in reality, DWAdsafe injects code into system processes and intercepts browser traffic, redirecting users to game-related advertisements.
As reported by TweakTown, citing a study by Eset antivirus software developers, the malware could change, replace or redirect web traffic and open new tabs, depending on certain conditions. It is interesting that the built-in HotPage.exe driver was approved and signed by Microsoft, although it belonged to the Chinese company Hubei Dunwang Network, about which almost nothing was known.
The investigation also found that the software, advertised as an “internet café security solution,” targeted Chinese-speaking users and collected computer data for statistical purposes, which was then redirected to the DWAdsafe developers’ server.
The concern is that Microsoft’s review and approval process allowed a malicious application to enter the Windows Server directory. Romain Dumont, one of the Eset researchers, commented on the situation: “I don’t think there is a completely reliable process for checking all the companies’ data and whether the declared functions of the software correspond to the actual functions. Microsoft could do more thorough checks, but let’s face it: it’s a difficult and time-consuming task.”
Eset reported the malware to Microsoft on March 18, 2024. The software giant removed the problematic product from the Windows Server catalog on May 1, 2024. Eset has since labeled this threat as Win{32|64}/HotPage.A and Win{32|64}/HotPage.B.
Image Source: Mediatonic Among the available formats are team deathmatch, every man for himself, and…
Seasonic has released the PRIME PX-2200 2200 W power supply. The new product was first…
The ability of modern automation to control vehicles without human intervention is limited by a…
GPUs, originally created for creating three-dimensional images, have performed well in the field of accelerating…
South Korean electronics maker Samsung Display plans to invest $1.8 billion this year to build…
More and more users are complaining about problems with the responsiveness of the iPhone 16…