ESET Research
Unveiling HotPage: A Trojan Disguised as Adware
05 Sep 2024
•
,
1 min. read
When you hear the term adware, what comes to mind? Most likely, it’s associated with low-quality, spammy advertisements. However, the reality is far more complex. In our latest podcast episode, we delve into HotPage, a newly discovered trojan that leverages a vulnerable, Microsoft-signed kernel driver to manipulate users’ browsing experience.
Hosted by ESET Distinguished Researcher Aryeh Goretsky and ESET Principal Threat Intelligence Researcher Robert Lipovsky, the discussion compares HotPage to other sophisticated threats like infostealing malware. The episode also sheds light on the arduous process the creators underwent to obtain Microsoft’s signature for their driver.
Notably, HotPage masquerades as a security solution and ad blocker for Chinese internet cafes while bombarding users with unwanted ads. Its strategic targeting suggests a focus on Chinese gamers, making it a formidable threat in that region.
Tune in to discover how ESET tackled HotPage, receive practical tips to safeguard against such threats, and learn what steps to take if you suspect an infection. For comprehensive reports on HotPage and other threat activities, follow ESET research on X. Stay updated by exploring our latest content on WeLiveSecurity.com, and subscribe to our podcast on Spotify, Apple Podcasts, or PodBean.
