CEIDPageLock Rootkit Hijacks Web Browsers

Discussion in '0-day Release' started by silversurfer, Aug 30, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    A new rootkit that has been distributed via the RIG exploit kit over the past few weeks can manipulate web browsers and also contains sophisticated defense mechanisms, Check Point says.

    Dubbed CEIDPageLock, the malware was initially discovered a few months ago, when it was attempting to modify the homepage of a victim’s browser. The rootkit is currently attempting to turn the victim browser’s homepage into a site pretending to be a Chinese web directory.

    On top of these sophisticated features, the latest versions of the malware monitors user browsing and, when the user attempts to access several popular Chinese websites, it dynamically replaces the content of those sites with the fake home page.

    “Browser hijacking employed by malware like CEIDPageLock, can be profitable due to revenue earned via redirecting victims to search engines that share ad revenue with the referrers,” Check Point explained.

    Source: https://www.securityweek.com/ceidpagelock-rootkit-hijacks-web-browsers
     
    wwd, Der.Reisende and RGiskardR like this.
  2. Google Adsense

Share This Page