• Uncategorised

Scranos rootkit expands operations from China to the rest of the world

source code bytecode

A malware operation previously limited to China’s borders has expanded over the past few months to infect users from all over the world, antivirus firm Bitdefender said in a report published today.

Users who have the bad habit of downloading and installing cracked software applications are at the highest risk.

According to Bitdefender experts, these apps are laced with a relatively new malware strain named Scranos. The most important piece of this malware is a rootkit driver that’s hidden inside the tainted apps and which allows the malware to gain boot persistence and take full control over users’ systems in the early stages of an infection.

A very dangerous “work in progress”

Although Bitdefender describes Scranos as “a work in progress, with many components in the early stage of development,” the malware is still very dangerous as it is.

That’s because Scranos is a modular threat that once it infects a host computer, it can ping its command and control (C&C) server for additional instructions, and then download small modules to execute a fine set of operations.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *