Author Topic: Scranos Operation Uses Signed Rootkit to Steal Login and Payment Info  (Read 52 times)

Offline Antus67

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 3768
    • View Profile
Author: Ionut Ilascu

A digitally-signed rootkit is used in wide-reaching malicious activities aimed at stealing login credentials, payment information, and browsing history, spam social network users, and adware activity.

Dubbed Scranos by researchers, the rootkit poses as a video driver. Once installed, it can download any payload its operator chooses. The targets range from popular browsers Chrome, Chromium, Firefox, Opera, Edge, Internet Explorer, Baidu, and Yandex to services from Facebook, Amazon, Airbnb, Steam, and Youtube.

full article here:
Windows Defender
VoodooShield 5.01
Trojan Remover