VERY IMPORTANT

While adware is usually considered annoying for users and relatively harmless to enterprise security, the adware campaigns we’ve seen since the beginning of 2016 behave more like advanced network threats. One particularly persistent adware attack piqued our interest around March. This attack leverages PowerShell, a Windows scripting language, to execute commands and remain persistent on the host machines. Along with creating hourly scheduled tasks, the adware also has the potential to download additional malicious code and direct the user to compromised websites.