Scranos: A threat to your privacy! Steals Passwords & pushes YouTube clicks
A rootkit named “Scranos” has been trending in recent security news, after security researchers discovered this peculiar new type of malware.
The objective of “Scranos” is to target a victim’s device and steal personal information such as login IDs and passwords and payment account details saved in the victim’s browser. It also secretly pushes up YouTube subscribers to boost revenue.
“Scranos” uses its rootkit capabilities to hide among the system files and gain persistent access, regardless of how many times the system is restarted.
A recent analysis of Scranos by Bitdefender revealed that infections by this dangerous rootkit have shot up in the months after it was first recognized in November.
Bogdan Botezatu, the director of threat research and reporting at Bitdefender, stated in an email that “The motivations are strictly commercial,” and added that “They seem to be interested in spreading the botnet to consolidate the business by infecting as many devices as possible to perform advertising abuse and to use it as a distribution platform for third-party malware.”
Bitdefender discovered that this malware spreads via infected downloads that are disguised as genuine apps like e-book readers and video players.
The fraudulent apps are digitally signed, probably with a deceitfully generated certificate, to avoid being blocked by the computer.
Botezatu said, “By adopting this method, the hackers are much more likely to infect victims.” Immediately after taking over the system, the rootkit takes hold to maintain its presence. It then sends a message to its command and control center to download other malicious files.

The multiple components downloaded this way can cause the following issues:
- It extracts cookies and hijacks login credentials from commonly used browsers, i.e., Google Chrome, Opera, Mozilla Firefox, Microsoft Edge, Baidu Browser, Internet Explorer, Chromium, and Yandex Browser.
- It steals the victims' payment accounts from their Facebook, Amazon, and Airbnb webpages.
- It can also send friend requests from the user’s social media accounts like Facebook to fetch private details of other users.
- It also sends phishing messages to the victims over Facebook that might contain malicious APKs, which can also be used to affect Android users.
- It inserts malicious JavaScript to install adware and extensions through the most common browsers like Internet Explorer, Chrome, Firefox, and Opera.
- We found some droppers that can install Chrome if it is not installed on the victim’s computer. They silently display ads or muted YouTube videos to users via Chrome to generate revenue for the malware developers.
- It subscribes users to their YouTube channels, and can download and execute any payload.
Botezatu said, “This threat is an extremely complicated one which took a lot of time and effort to set-up.”
The researchers believe that the botnet already has at least tens of thousands of devices infected with this virus.
He concluded, “Rootkit-based malware exhibits an unusual grade of sophistication and dedication.”
Tips to Prevent Viruses and Malware from Infecting Your System:
- Enable your popup blocker: Pop-ups and ads on websites are among the tactics most often adopted by cybercriminals or developers with the core intention of spreading malicious programs. So, avoid clicking on uncertain sites, software offers, pop-ups, etc., and install a powerful ad blocker for Chrome, Mozilla, and IE.
- Keep your Windows updated: To avoid such infections, we recommend that you always keep your system updated through automatic Windows Update. By doing this you can keep your device free from viruses. According to the survey, outdated/older versions of the Windows operating system are an easy target.
- Third-party installation: Try to avoid freeware download websites, as they usually install bundles of software with any installer or stub file.
- Regular backup: Regular and periodic backups help you keep your data safe in case the system is infected by any kind of virus or any other infection. Thus, always back up important files regularly to a cloud drive or an external hard drive.
- Always have an antivirus: Precaution is better than cure. We recommend that you install an antivirus like ITL Total Security or a good malware removal tool.