That’s new… And not good
How did they get Microsoft to sign their driver?
What really stood out to ESET researchers was the embedded driver signed by Microsoft. According to its signature, it was developed by a Chinese company named Hubei Dunwang Network Technology.
[…] according to our research, this software was advertised as an internet café security solution aimed at Chinese-speaking individuals. It purports to improve the web browsing experience by blocking ads and malicious websites, but the reality is quite different — it leverages its browser traffic interception and filtering capabilities to display game-related ads. It also sends some information about the computer to the company’s server, most likely to gather installation statistics
Sounds like MS was fooled some way, they don’t check Chinese only software that carefully? Historically ms had good relations with the Chinese state (E.g. Windows 10 China Government Edition) It sounds like this was targeted to Chinese users.
They don’t know how it slipped through, or they don’t want to tell us…