The well-known cybersecurity company Bitdefender has alerted about a new type of malware with which hackers manage to steal passwords and information about payment methods of victims.
This new malware has been named “Scranos”, and at first it was affecting mainly Chinese users. Bitdefender claims that they have crossed the China’s border and are now infecting users all over the world. Although this malware was first identified in November, in recent months the number of installations on computers across the globe has skyrocketed.
And how do they infect users?
The experts at Bitdefender say that Scranos is hidden mostly in cracked software. The most important part of this malware is a rootkit driver that remains hidden on Windows computers. That means it will continue to run even if you restart your computer.
The list of things they manage to do with this malware is quite worrying, as they manage to steal credentials from Google Chrome, Chromium, Mozilla Firefox, Opera, Microsoft Edge or Internet Explorer. They also get payment information used on Facebook, Amazon or Airbnb. The credentials to log into Steam or even send messages to your Facebook friends with a malicious APK and infect Android users.
It seems that they are interested in spreading the botnet to consolidate the business by infecting as many devices as possible to carry out advertising abuses and use it as a platform for distributing third-party malware.
Scranos will also automatically subscribe you to certain YouTube channels and open background windows with mute videos; this way, they can increase the playback counter of certain videos as a tactic to grow accounts that have paid to help them grow or, directly, as an advertising fraud.