silversurfer
The group behind a malware campaign targeting both Windows and Android devices in an adware operation across both Europe and the US has altered its attack techniques and added new payloads, including a cryptominer and a Trojan, in an apparent bid to make more money from infected devices.
Details of the multi-functional Scranos malware first emerged in April but shortly afterwards, the operators lost their main mechanism of persistence and disguise when their illicit use of Authenticode certificates was revoked.
But that hasn't stopped the cyber criminal campaign, because in the space of just a few weeks, Scranos has already updated its attack methods in an attempt to rebuild its botnet.
The new techniques employed by Scranos have been detailed by cyber security researchers at Bitdefender – who were also responsible for uncovering the malware campaign earlier this year. It's believed that the campaign has originated from China – but its effects are felt around the globe.
"The rapid mobilization of its operators to contain the damage and maintain control of the already infected machines reveals that they were not ready to give up yet," Bogdan Botezatu, Director of Threat Research and Reporting at Bitdefender told ZDNet.
"They came with a novel approach at concealing their malware behind Microsoft executables and they also started spreading new payloads to keep funding going."