Post by Andrei Z.
Post by Rbwd
Hi.
Does it work in Linux?
I can't find it.
https://linuxitpro.net/news/microsoft-exposes-adrozek-malware-hijacks-chrome-edge-and-firefox
Widespread malware campaign seeks to silently inject ads into search
results, affects multiple browsers - Microsoft Security
https://www.microsoft.com/security/blog/2020/12/10/widespread-malware-campaign-seeks-to-silently-inject-ads-into-search-results-affects-multiple-browsers/
The beginning of the chain is running "setup...xxx.exe", an
installer that auto-elevates.
While a Linux user could run WINE setup...xxx.exe
the question would be, what browser would or could the attack
attach to? The WINE files are on Drive_C. Could a person
run Chrome.exe in WINE and the campaign attack it?
I would say for the most part, a WINE attack vector is unlikely.
There isn't a strong incentive to be running browsers from WINE.
And the attack would then inject adverts into the WINE browser
and not the host-level browser.
They would need to craft an attack with .deb and get you
to compromise your setup by adding a third-party repo. Maybe
they could get in that way. Seeing as this outfit has mounds
of meat-machines to create the malware (a whole team), they
could easily send off a sub-team to work on a Linux version.
It would depend on whether they thought it was worth the effort
(payback).
You'd use your usual level of OPSEC to stop them.
Paul