For the immediate attention of all Windows 10 users, here’s a report of another threat to your PC. Zacinlo is adware that spams you with loads of advertisements. It bypasses your PC’s security settings and installs itself so firmly that it is almost impossible to remove. And the story about Zacinlo doesn’t end here. This malware also secretly spies on you by taking screenshots of your activities. Now that’s extremely dangerous.
The malware mainly infects Windows 10 PCs, but there are also reports of some Zacinlo attacks on Windows 7 and 8 users. Researchers primarily tracked the active samples of this malware in the USA. However, it has also infected users in Germany, Brazil, France, India, China, Indonesia, and the Philippines, in smaller numbers.
Zacinlo Malware Posing Threat To Windows 10 Devices
Researchers at Bitdefender have discovered a robust piece of malware that takes over your computer and spams you with ads. They have named it ‘Zacinlo’ after the final payload, considering this a temporary name for a complex code. Nevertheless, the Zacinlo malware has been around for almost six years, severely infecting a number of Windows users. And we didn’t know about it?
After a year of research, the researchers at Cyber Threat Intelligence Lab have published a detailed white paper about this malware. Although the malware has been around since 2012, it became most active in late 2017. The researchers describe their work as follows:
“Last year we came across a digitally signed rootkit capable of installing itself on most Windows operating systems, including the newest releases of Windows 10. Since rootkits these days account for under 1 percent of the malware output we see worldwide, this immediately drew our attention and prompted us to carry out an extensive analysis of the payload, its origins, and the spread. We discovered an ample operation whose central component is a very sophisticated piece of adware with multiple functionalities.”
One harmful effect of this malware is that it can deactivate most anti-malware products presently available. Popular targets of Zacinlo include Bitdefender, Kingsoft, Symantec, Microsoft, Avast, and numerous other programs.
“The central piece of the adware is probably the rootkit driver, which is responsible for providing persistence and protection for the other components from being read, written or deleted. It is also used to patch or block antimalware services. Among the targeted antimalware solutions are products developed by the following companies: Bitdefender, Qihoo, Kingsoft, Malwarebytes, Symantec, Panda, HitmanPro, Avast, Avg, Microsoft, Kaspersky, Emsisoft, and Zemana. The rootkit finds them by file names or by Subject Name filled in their certificates, then the antimalware modules are prevented from starting.”
Zacinlo Malware Captures Screenshots Of Your PC Screen
Zacinlo runs on most commonly used browsers, such as Chrome, Firefox, Internet Explorer, Edge, Safari, and Opera. When this adware begins working, it wipes out any other adware present on the victim’s PC to achieve its goals. It then displays ads to generate revenue from clicks.
It also continually captures screenshots of the victim’s desktop as the malware screens a page. These screenshots are then transmitted back, so the malware essentially works as a spy as well, secretly gathering screenshots of your activities.
Can We Detect This Malware?
The sophistication of this malware makes it extremely difficult to detect. Yet there is one way to detect the presence of Zacinlo on your PC. As stated by Bogdan Botezatu, Senior e-Threat Analyst at Bitdefender,
“Since the rootkit driver can tamper with both the operating system and the anti-malware solution, it is better to run a scan in this rescue mode rather than running it normally.”