Security researchers have discovered an unusual new malware that steals user passwords and account payment methods stored in a victim’s browser — and also silently pushes up YouTube subscribers and revenue.
The malware, Scranos, has rootkit capabilities: it buries itself deep in vulnerable Windows computers to gain persistent access that survives a restart. Scranos only emerged in recent months, according to new Bitdefender research out Tuesday, but the number of infections has rocketed in the months since it was first identified in November.
“The motivations are strictly commercial,” said Bogdan Botezatu, director of threat research and reporting at Bitdefender, in an email. “They seem to be interested in spreading the botnet to consolidate the business by infecting as many devices as possible to perform advertising abuse and to use it as a distribution platform for third party malware,” he said.
Bitdefender found the malware spreading through trojanized downloads that masquerade as real apps, like video players and e-book readers. The rogue apps are digitally signed — likely from a fraudulently generated certificate — to prevent getting blocked by the computer. “By using this approach, the hackers are more likely to infect targets,” said Botezatu. Once …