A nasty and persistent piece of malware has made its presence felt in recent days, and computer owners running Windows 10 are its main target. The malware fills computers with ads and takes screenshots of the desktop, which it then sends to the attackers.
Security researchers at Bitdefender discovered this malware, named Zacinlo, which first appeared in 2012. About 90% of Zacinlo's victims come from the US and run Microsoft Windows 10 on their PCs. There are, however, other victims in Western Europe, China and India, and a small percentage of users running Windows 7 and 8 are also affected.
How does it infect computers?
Zacinlo gets onto computers via a rootkit, accompanied by a "free VPN application" that allows it to move onto the system easily. Once loaded, the fake application appears to work as a VPN while it actually downloads files and delivers the final Zacinlo payload in the background.
The malware has advanced features, such as installing itself on a targeted system and spamming ads whenever a victim opens a site.
It also replaces legitimate ads on a site with advertisements developed by the attackers, who monetize them. In fact, it can remove any other adware already on the device so that there is no competition.
Most worrying, however, is that Zacinlo can take screenshots of the desktop and send them to the attackers. Consequently, sensitive information such as login credentials, photos, videos, etc. is at risk of falling into the wrong hands.
How can we avoid it?
A fake free VPN service called s5Mark has been identified as the carrier of this malicious software. Zacinlo can run smoothly in popular browsers such as Chrome, Firefox, Opera, Safari, Edge, Internet Explorer, etc. It also installs a payload that uses MITM attack methods to read secure web connections. Researchers are therefore advising Windows users to avoid installing unknown or suspect third-party applications and to avoid visiting unknown sites.