1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Shopperz adware takes local DNS hijacking to the next level

Discussion in 'Network World' started by RSS, Sep 3, 2015.

  1. RSS

    RSS New Member Member

    New versions of a highly persistent adware program called Shopperz use a cunning technique to make DNS (Domain Name System) hijacking harder to detect and fix.

    Shopperz, also known as Groover, injects ads into users' Web traffic through methods researchers consider malicious and deceptive.

    In addition to installing extensions in Internet Explorer and Firefox, the program creates Windows services to make it harder for users to remove those add-ons. One service is configured to run even in Safe Mode, a Windows boot option often used to clean malware.

    Moreover, Shopperz creates a rogue Layered Service Provider (LSP) in Windows's network stack that allows it to inject ads into Web traffic regardless of the browser used.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page