An adware family known primarily for distributing browser hijackers has been caught distributing full-blown malware, security researchers said today in a talk at the VirusBulletin 2020 security conference.
"What's dangerous about Linkury is how it uses its adware front as a gateway to propagate malware," said Arun Kumar Shunmuga Sundaram & Rajeshkumar Ravichandran, two malware analysts at Indian security firm K7 Computing.
"It walks a very fine line between typical adware and malware, and we have seen how it can switch sides based on geolocale," the two said. "It has tailored its operations to cloak its malicious techniques and flies under the guise of 'legitimate, law abiding' adware, giving it recourse to plausible deniability of any wrongdoing."
While cyber-security companies like
Malwarebytes,
Microsoft, or
Trend Micro are currently detecting Linkury operations as "adware," Sundaram and Ravichandran argue that "the case for
flagging it as malware is strong based on the evidence presented in [their]
paper."
