// Hacking NEWS // A New Sophisticated Malware Is Conquering the World

Released in a Trojan horse form, Scranos has an impressive modular platform: data theft, online account retrieval, advertising injection, etc.

Source
A new elaborate and scary malware has just appeared on the security researchers’ radar at Bitdefender Labs. Called "Scranos", it spreads through various and varied Windows software: video players, e-book readers, "security" software, drivers, etc. Initially, this malware was only distributed in China. But since a few months, it spreads around the world.

Once installed, this Trojan will first deploy a series of DLL files that will go to collect cookies from browsers and steal ids from Facebook, Amazon, Youtube and Airbnb accounts. Then it deactivates the Windows Defender Real-Time Protection security software. We are never careful enough.

Before self-destruct, it will finally install a rootkit in a video driver form. This is authenticated by a signature issued on behalf of Yun Yu Health Management Consulting Shanghai. This is probably a stolen certificate.

Before each shutdown of the infected device, this driver saves its data in a file and programs its own reactivation in the Windows registry. That way, at the next start, it can automatically resume its service. Convenient.

A true Scranos masterpiece, this rootkit is able to inject a "downloader" into a legitimate Windows process with the objective, as its name suggests, of downloading other malicious modules. This opens the door to a lot of piracy and scams. One of the modules allows, for example, to diffuse hacked Android applications from the victim's Facebook friends. Another specializes in steam ids theft.

Moreover, it can install browser extensions that will force some pages opening or change the default search engine. The Javascript adv injection or the automatic subscription to Youtube accounts are also part of the catalogue.

Bitdefender Labs -

In short, Scranos is a rather well-crafted cybercriminal platform that allows launching many different activities. The developers of this malware seem to be particularly actives and are constantly testing new modules on the thousands of PCs they have successfully infected up to now. (I must recognize the ingenuity of its creator...)

The malicious potential of this new malware is therefore important ... and must be watched closely.

Source: Bitdefender Labs

Stay Informed, Stay Safe

• I've made a lot of articles with tools, explanations and advises to show you how to protect your privacy and to secure your computer, GO check them out!

  • This is my guide to secure your PC after a fresh installation of Windows

  • If you think that your phone or your PC has been hacked, you have to check it right now!

  • That's how you can be more Anonymous on the internet!

  • The future of Cyber-Security, what to expect?

  • The best crypto debit card – Wirex!

  • These are the best VPN to protect your numeric life: NordVPN, ExpressVPN and CyberGhost!

  • Your PC is slow? That's why!

  • Why is it important to be discreet on the Internet

  • The 4 security measure to put in place on your WIFI router

  • The security guide everyone must have on holidays!

  • Feel hot? Your computer also!

  • How an adware works?

  • That's how you should guard against Trojan!

  • Why antiviruses are not your friend?!

  • Basics tools to protect your privacy and your computer

  • What are the different types of hackers?