By Staff Writer
Jun 20 2018
Malware takes screenshots of users’ desktops, and has been operating silently for six years.
Researchers have uncovered a sophisticated piece of rootkit-based adware, mainly prevalent on Windows 10 devices, that has been operating covertly for six years.
Dubbed Zacinlo, this rare strain of malware typically operates either by silently rendering webpages in hidden background windows to simulate clicks and keyboard interactions, or by replacing ads naturally loaded in an open web browser with its own ads to collect revenue.
The malware, subject to an extensive investigation by security company Bitdefender, is armed with a sophisticated array of features to ensure it remains undetected, and even quashes any ‘competition’, featuring an adware cleanup routine to remove any potential rivals in the adware space.
It can also uninstall or delete services based on instructions it receives from the command and control infrastructure, to which it routinely sends information about its environment, including what form of anti-malware services may be installed, and which applications are running on startup.
One of its most concerning features involves a significant invasion of privacy, with Zacinlo able to take screen captures of a user’s desktop and send them to its command and control centre for analysis.