Scranos, a new virus (rootkit malware) capable of stealing your passwords and spying / Windows 7 & Windows 10

After the worldwide crisis caused by the Ransyrer virus, designed to irreversibly encrypt data and documents on victims' computers, this year users of Windows 7 and Windows 10 face Scranos.

What is Scranos?
It is a rootkit-type malware, recently discovered by Bitdefender, able to extract passwords used on different sites or online payment platforms and personal data stored in Internet browsers, and to subscribe the victim automatically, without their knowledge, to various YouTube channels or to other sites that can bring the attackers financial profit.
According to security specialists at Bitdefender, Scranos affects all users of Windows 7, Windows 8.1 and Windows 10 who use Internet browsers such as Chrome, Firefox, Edge, Baidu and Yandex, the most affected countries being Romania, India, Brazil, France, Italy and Indonesia.
Data suggests that this virus was launched in November 2018, followed by a stage of development, propagation and consolidation in the first half of this year.

Scranos, having rootkit capabilities, plants itself deep in vulnerable Windows systems and keeps permanent access to them even after the operating system is restarted. Rootkit viruses of this type obtain the highest level of access on a computer (root / administrator) and are very difficult to detect if users do not have good, up-to-date antivirus software.

The motivations of the attackers are strictly commercial, according to Bogdan Botezatu, director of research and reporting of computer threats at Bitdefender. Their intention is to spread this malware to as many computers as possible in order to carry out advertising abuse and to propagate the virus further using victims' computers, he said.
YouTube channels promoted by the attackers managed to collect over 3,100 subscribers in a single day. From this we can roughly infer a fairly large number of infected computers, considering that the purpose of the virus is to steal authentication data and passwords from various sites, online stores, online payment services, Facebook accounts, YouTube, etc.

How does the Scranos virus spread and how can you stay away from it?

Bitdefender has found that this malware hides behind applications that appear legitimate and trustworthy, such as video players or e-book readers. To raise the installation and infection rate, Scranos also carries a digital signature, obtained fraudulently. The digital signature keeps the malicious application from being easily blocked by the operating system.
Once the rootkit is installed, it contacts a remote command-and-control server to download additional malicious components in the background. In the second stage, the attackers inject custom code able to steal passwords and remotely control browsers such as Chrome, Firefox, Edge, Baidu and Yandex. Facebook, YouTube, Amazon and Airbnb accounts are particularly targeted.
Another component of the virus can send messages with infected or promotional links through Facebook, without the user's consent.

The first protective measure against Scranos is for users to pay close attention to which applications they download and especially from where. Even if an application appears to be a video player, music player or e-book reader, the icon and description can hide something else.
Last but not least, Windows users must have an updated antivirus installed.

According to Bitdefender, there are currently some tens of thousands of computers infected with the Scranos rootkit, and their number is increasing.

Passionate about technology, I have been writing with pleasure on stealthsetts.com since 2006. I have rich experience in operating systems (macOS, Windows and Linux), but also in programming languages and blogging platforms (WordPress) and online store platforms (WooCommerce, Magento, PrestaShop).
