The vulnerability in a verified and authenticated driver that exposes systems to risks – Security Update by Tony Anscombe

AndyC 24 July 2024

Video
A claimed ad blocker promoted as a security measure utilizes a Microsoft-approved driver, inadvertently posing harmful threats to users

How a legitimate and signed driver left the doors open to threats – Week in Security with Tony Anscombe

Video

A claimed ad blocker promoted as a security measure utilizes a Microsoft-approved driver, inadvertently posing harmful threats to users

Editor

21 Jul 2024

The revelations about HotPage have been disclosed by ESET researchers this week, as detailed in their report. HotPage is a browser injector that operates using a driver created by a Chinese firm and endorsed by Microsoft.

This malicious software poses as an “Internet café security application” offering ad-block features. In truth, it exhibits ads related to games and has the ability to alter page content, redirect users, or launch new tabs based on specific criteria.

Furthermore, it unwittingly grants access to other threats to execute code at the highest Windows privilege level – the SYSTEM account.

Delve into the narrative with Tony as he examines the implications and ongoing concerns related to certificate misuse.

Stay connected via FacebookTwitterLinkedIn, and Instagram.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

AndyC 19 December 2025
ESET Threat Report H2 2025

ESET Threat Report H2 2025

AndyC 17 December 2025
Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025
Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025
Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025
Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

You may have missed

Amazon Warns Perncious Fake North Korea IT Worker Threat Has Become Widespread

Randall Munroe’s XKCD ‘Fifteen Years’

AndyC 20 December 2025
Why AppSec Can’t Keep Up With AI-Generated Code

Google Shutting Down Dark Web Report Met with Mixed Reactions

AndyC 20 December 2025
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

AndyC 20 December 2025
Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025
Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.