Malware is a direct threat to your computers and your enterprise as a whole. In particular, DealPly adware is wreaking havoc at businesses across the land by evading detection while abusing Microsoft and McAfee products. Our London IT consulting team is here to help you prevent a setback due to DealPly or any other type of malware.
Beware of DealPly
The vast majority of adware is nothing but an annoyance. However, occasionally a distinctive form of adware arises that catches the attention of cyber security professionals far and wide. DealPly, a brand new type of adware, is one such problem. DealPly has the features commonly found in adware, yet is unique in that it can bypass antivirus detection. DealPly typically ends up on a machine through a seemingly legitimate software installation that is bundled with adware.
As an example, a seemingly innocent download of photo-editing software can lead to the presence of DealPly on a computer. Once the adware is executed, it covertly installs itself into the %AppData% folder in Windows and adds itself to the Windows Task Scheduler as a task that runs hourly. Each time the task is launched, the adware communicates with its command-and-control (C2) server, transmitting an encrypted request over HTTP to obtain information. The latest version of DealPly also takes advantage of McAfee antivirus software to evade detection. Instead of notifying users of potentially harmful adware or other threats, McAfee and SmartScreen are manipulated by DealPly so that the user is never warned. This is precisely why it makes sense to ask for assistance from London IT consulting experts.
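The persistence pattern described above (a program under %AppData% launched by an hourly scheduled task) can be checked for in exported task definitions. The following is an added example, not code from the original article; it assumes one task's XML as exported with `schtasks /query /tn <name> /xml`, and the task contents and file names in the samples are constructed.

```python
"""Flag scheduled tasks that run a program from %AppData% at least hourly.

Input: one task's Task Scheduler XML. The samples below are constructed.
"""
import re
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Per-user writable locations, unexpanded (%AppData%) or resolved (C:\Users\...).
USER_PATH = re.compile(r"%(local)?appdata%|\\users\\[^\\]+\\appdata\\", re.I)
# ISO 8601 duration as used in <Repetition><Interval>, e.g. PT1H or PT60M.
DURATION = re.compile(r"^P(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?$")

def interval_minutes(text):
    """Convert an ISO 8601 duration to minutes; None if it cannot be parsed."""
    m = DURATION.match((text or "").strip())
    if not m or not any(m.groups()):
        return None
    d, h, mi, s = (int(g or 0) for g in m.groups())
    return d * 1440 + h * 60 + mi + s / 60

def suspicious_task(xml_text):
    """Return one finding per (command, interval) pair that fits the pattern."""
    root = ET.fromstring(xml_text)
    commands = [c.text or "" for c in root.iterfind(".//t:Actions/t:Exec/t:Command", NS)]
    intervals = [interval_minutes(i.text) for i in root.iterfind(".//t:Repetition/t:Interval", NS)]
    from_user_dir = [c for c in commands if USER_PATH.search(c)]
    # Hourly or more frequent repetition.
    hourly = [i for i in intervals if i is not None and i <= 60]
    return [f"runs {c!r} every {int(i)} min" for c in from_user_dir for i in hourly]

# Constructed samples: an hourly task under %AppData% and a daily vendor updater.
SAMPLE_HOURLY = """<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><TimeTrigger><Repetition><Interval>PT1H</Interval></Repetition></TimeTrigger></Triggers>
  <Actions><Exec><Command>%AppData%\\ExampleApp\\update.exe</Command></Exec></Actions>
</Task>"""
SAMPLE_DAILY = """<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><TimeTrigger><Repetition><Interval>P1D</Interval></Repetition></TimeTrigger></Triggers>
  <Actions><Exec><Command>C:\\Program Files\\Vendor\\updater.exe</Command></Exec></Actions>
</Task>"""

if __name__ == "__main__":
    for name, xml in (("hourly", SAMPLE_HOURLY), ("daily", SAMPLE_DAILY)):
        print(name, suspicious_task(xml) or "no match")
```

A match is a lead for review rather than proof of infection, since legitimate per-user updaters can use the same layout.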
Why DealPly is Able to Wreak Havoc
DealPly is likely making use of reputation services to determine which specific variants and download sites have been flagged and will no longer suffice for subsequent infections. DealPly gathers data and queries such services by way of numerous servers and proxies. DealPly uses Microsoft's SmartScreen for URLs, sending its lookups to the SmartScreen reputation server. The adware transmits a JSON request along with a Base64 authorisation header to see how the server responds. The data collected is sent to the malware's C2 server to determine whether the DealPly sample is blacklisted. DealPly is even capable of abusing the latest editions of McAfee WebAdvisor as well.
Contact the Experts for Digital Protection
At Wem Technology, our London IT consulting team can help you avoid the negative fallout from DealPly and additional digital threats. From network security tools to dark web scanning, network firewalls, the latest antivirus security protection and beyond, our London IT company has got you covered in terms of digital security. Contact us now for your protection.