Meet Extenbro, a new DNS-changer Trojan protecting adware


These days, the attack of Extenbro is really a hot topic over Internet that draws attention of several System users. If you are another regular Computer user and want to get detailed information of newly identified DNS changer malware named Extenbro then keep reading this expert’s tutorial guide till the end.

Things You Must Know About Extenbro

Over the Internet, there are several adware campaigns that capable to infect user machine with an adware infection. Recently, team of security analysts have observed a new DNS changer Trojan named Extenbro used in the adware campaigns in order to prevent the system users from accessing the security related site. If you think that it is a new tactic used by an adware developers then you are wrong because it’s developer have already used several aggressive tactics in past. But in the latest campaign, attackers attempt to prevent system users from deleting the adware from contaminated or compromised PCs.

Extenbro Uses Bundler To Targets User’s Devices

Extenbro is mainly delivered on user’s machine as a software bundler that usually served along with an adware or another spyware components which get downloaded and installed on victim’s machine with help of the downloader module. In short, downloading and installing of any cost-free or shareware programs from untrusted or unreliable sources is the main source of Extenbro intrusion. Besides, you can also compromise your System via spear phishing email campaigns, torrent downloads, pirated software, fake system or application installer, contaminated devices and much more.

Notorious Behavior Performed By Extenbro On Targeted PCs

As soon as Extenbro enters inside the PC, it automatically changes user’s DNS settings and prevent targeted machine from accessing of security vendors sites. Just because of the presence of this malware on PC, targeted users may notice addition of 4 DNS server by heading to Advanced DNS tab. In order to ensure the DNS modifications, it automatically creates the randomly named Scheduled Task to fixed-location folder. Additionally, it adds a certificate to set of the Windows Root certificates which has no any friendly name. Besides, it is capable to disable the Ipv6 by modifying the registry value of DisabledComponents under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters and after that it forces system to use new DNS servers.

Precaution Measures To Protect Your PC Against Extenbro Attack

  1. Be cautious while doing online operation.
  2. Always download and install the legitimate program from untrusted sources.
  3. Keep your all installed application and OS up-to-date.
  4. Never visit any untrusted or hacked domain.
  5. Always keep a backup copy of your installed application etc.