A newly found strain of malware transforms PCs into what Microsoft ominously calls “zombie proxies” utilizing except legitimate programs, and the company claims it’s infected thousands of computers throughout the U.S. and Europe.
Microsoft and Cisco’s Talos researchers each launched reports this week that outlined this cyber threat, which the companies call Nodersok and “Divergent” respectively.
Later the malware disables Windows Defender, which describes how it’s prevented tripping the anti-virus software for this long, and may take control of a PC, but, Microsoft and Cisco researchers are both divided on its primary objective. Microsoft thinks attackers use this proxy to access other networks and “carry out stealthy malicious actions. In the meantime, Cisco Talos argues the malware shares several characteristics with other viruses designed to conduct click-fraud, a tactic that cost advertisers an estimated $19 billion last year alone based on News reports.
Either way, Microsoft states that the campaign has contaminated thousands of machines, with most attacks conducted this month and targeted at consumers. Both companies claim their anti-virus software has been up to date to detect this malware strain moving forward.
These reports come just months after the National Security Agency urged users to update their Windows machines within the wake of a critical security vulnerability called BlueKeep, which Microsoft patched back in May.