{"id":81975,"date":"2024-07-26T11:44:03","date_gmt":"2024-07-26T03:44:03","guid":{"rendered":"https:\/\/version-2.com\/?p=81975"},"modified":"2024-07-22T11:45:06","modified_gmt":"2024-07-22T03:45:06","slug":"chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2024\/07\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/","title":{"rendered":"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"81975\" class=\"elementor elementor-81975\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-71ae5294 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"71ae5294\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4a899f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e9119cd\" data-id=\"1e9119cd\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f04f8cb elementor-widget elementor-widget-text-editor\" data-id=\"4f04f8cb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div id=\"content-c10764446\" class=\"frame frame-default frame-type-text frame-layout-0\"><ul><li>ESET Research has discovered a sophisticated Chinese browser injector ESET dubbed HotPage.<\/li><li>It is a signed, vulnerable, ad-injecting driver from a mysterious Chinese company.<\/li><li>The threat poses as a security product that blocks advertisements; however, it introduces even more ads.<\/li><li>HotPage can replace the content of the current page, redirect the user, or simply open a new tab to a website full of gaming ads.<\/li><li>The threat leaves the door open for other threats to run code at the highest privilege level available in the Windows operating system.\u00a0<\/li><\/ul><p><strong>BRATISLAVA, MONTREAL<\/strong> \u2014 <strong>July 18, 2024<\/strong> \u2014 ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET dubbed HotPage, comes self-contained in an executable file that installs its main driver and injects libraries into Chromium-based browsers. Posing as a security product capable of blocking advertisements, it actually introduces new ads. Additionally, the malware can replace the content of the current page, redirect the user, or simply open a new tab to a website full of other ads. The malware introduces more vulnerabilities and leaves the system open to even more dangerous threats. An attacker with a non-privileged account could leverage the vulnerable driver to obtain SYSTEM privileges or inject libraries into remote processes to cause further damage, all while using a legitimate and signed driver.<\/p><p>At the end of 2023, ESET researchers stumbled upon an installer named \u201cHotPage.exe\u201d that deploys a driver capable of injecting code into remote processes, and two libraries capable of intercepting and tampering with browsers\u2019 network traffic. The installer was detected by most security products as an adware component. What really stood out to ESET researchers was the embedded driver signed by Microsoft. According to its signature, it was developed by a Chinese company named Hubei Dunwang Network Technology Co., Ltd.<\/p><p>\u201cThe lack of information about the company was intriguing. The distribution method is still unclear, but according to our research, this software was advertised as an internet caf\u00e9 security solution aimed at Chinese-speaking individuals. It purports to improve the web browsing experience by blocking ads and malicious websites, but the reality is quite different \u2014 it leverages its browser traffic interception and filtering capabilities to display game-related ads. It also sends some information about the computer to the company\u2019s server, most likely to gather installation statistics,\u201d explains ESET researcher Romain Dumont, who discovered the threat.<\/p><p>According to available information, the business scope of the company includes technology-related activities such as development, services, and consulting \u2013 but also advertising activities. The principal shareholder is currently Wuhan Yishun Baishun Culture Media Co., Ltd., a very small company that looks to be specialized in advertising and marketing. Due to the level of privileges needed to install the driver, the malware might have been bundled with other software packages or advertised as a security product.<\/p><p>Using Windows\u2019 notification callbacks, the driver component monitors new browsers or tabs being opened. Under certain conditions, the adware will use various techniques to inject shellcode into browser processes to load its network-tampering libraries. Using Microsoft\u2019s Detours hooking library, the injected code filters HTTP(S) requests and responses. The malware can replace the content of the current page, redirect the user, or simply open a new tab to a website full of gaming ads. On top of its obvious mischievous behavior, this kernel component leaves the door open for other threats to run code at the highest privilege level available in the Windows operating system: the SYSTEM account. Due to improper access restrictions to this kernel component, any process can communicate with it and leverage its code injection capability to target any non-protected processes.<\/p><p>\u201cThe HotPage driver reminds us that abusing Extended Verification certificates is still a thing. As a lot of security models are at some point based on trust, threat actors are inclined to play along the line between legitimate and shady. Whether such software is advertised as a security solution or simply bundled with other software, the capabilities granted thanks to this trust expose users to security risks,\u201d adds Romain.<br \/>ESET reported this driver to Microsoft in March 2024 and followed their coordinated vulnerability disclosure process. ESET technologies detect this threat \u2014 which Microsoft removed from the Windows Server Catalog on May 1, 2024 \u2014 as Win{32|64}\/HotPage.A and Win{32|64}\/HotPage.B.<\/p><p>For more technical information about HotPage, read the blogpost \u201c<a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/hotpage-story-signed-vulnerable-ad-injecting-driver\/\" target=\"_blank\" rel=\"noopener\">HotPage: Story of a signed, vulnerable, ad-injecting driver<\/a>\u201d on WeLiveSecurity.com. Make sure to follow <a href=\"https:\/\/twitter.com\/ESETresearch\" target=\"_blank\" rel=\"noopener\">ESET Research on Twitter (today known as X)<\/a> for the latest news from ESET Research.<\/p><p class=\"align-center\"><em><strong>The Chinese company\u2019s certified products listed in the Windows Server Catalog<br \/><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/HotPage.png\" alt=\"\" width=\"729\" height=\"603\" \/><br \/><\/strong><\/em><\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1a1b0f4 elementor-widget elementor-widget-shortcode\" data-id=\"1a1b0f4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18159\" class=\"elementor elementor-18159\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-73b4cd0 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"73b4cd0\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8d19c1e\" data-id=\"8d19c1e\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8865cce elementor-widget elementor-widget-text-editor\" data-id=\"8865cce\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About ESET<\/strong><br \/>For 30 years, ESET\u00ae has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET\u2019s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24\/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&amp;D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single \u201cin-the-wild\u201d malware without interruption since 2003.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>ESET Research has discovered a sophisticated Chinese br [&hellip;]<\/p>\n","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1273,40,61],"tags":[41,1272],"class_list":["post-81975","post","type-post","status-publish","format-standard","hentry","category-1273","category-eset","category-press-release","tag-eset","tag-1272"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers - Version 2\" \/>\n<meta property=\"og:description\" content=\"ESET Research has discovered a sophisticated Chinese br [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-26T03:44:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/HotPage.png\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/07\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers\",\"datePublished\":\"2024-07-26T03:44:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/07\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/\"},\"wordCount\":789,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/HotPage.png\",\"keywords\":[\"ESET\",\"2024\"],\"articleSection\":[\"2024\",\"ESET\",\"Press Release\"],\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/07\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/\",\"url\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/\",\"name\":\"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/HotPage.png\",\"datePublished\":\"2024-07-26T03:44:03+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/HotPage.png\",\"contentUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/HotPage.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/","og_locale":"zh_HK","og_type":"article","og_title":"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers - Version 2","og_description":"ESET Research has discovered a sophisticated Chinese br [&hellip;]","og_url":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/","og_site_name":"Version 2","article_published_time":"2024-07-26T03:44:03+00:00","og_image":[{"url":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/HotPage.png","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"tracylamv2","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"5 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2024\/07\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers","datePublished":"2024-07-26T03:44:03+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2024\/07\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/"},"wordCount":789,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/HotPage.png","keywords":["ESET","2024"],"articleSection":["2024","ESET","Press Release"],"inLanguage":"zh-HK","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2024\/07\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/","url":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/","name":"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/#primaryimage"},"image":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/HotPage.png","datePublished":"2024-07-26T03:44:03+00:00","breadcrumb":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/#primaryimage","url":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/HotPage.png","contentUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/HotPage.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/chinese-hotpage-browser-injector-is-capable-of-replacing-web-content-and-opens-the-system-to-other-vulnerabilities-eset-research-discovers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/zh\/"},{"@type":"ListItem","position":2,"name":"Chinese HotPage browser injector is capable of replacing web content and opens the system to other vulnerabilities, ESET Research discovers"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/zh\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-lkb","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/81975","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=81975"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/81975\/revisions"}],"predecessor-version":[{"id":81979,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/81975\/revisions\/81979"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=81975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=81975"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=81975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}