More Nefarious Strain of Zacinlo Malware Infecting Windows 10 Machines
Revamped Zacinlo Malware Poses More Serious Threat to Windows 10 PCs, antivirus, anti-malware, Malwarebytes, Symantec
Re-designed to specifically target W10 machines
Installs low-level Rootkit
Disables AV
Uploads info to C&C server
Serves ads
Runs a UI-free browser secretly in the background
Sets up MIM attacks
Kujawa said that Zacinlo needs to be taken seriously. “Despite its seemingly benign threat to users, Zacinlo and other similar threats contain the ability to install additional malware on the system.”
Currently the best known means of transmitting the Zacinlo malware is as part of the payload for a fake VPN package. The package looks like a VPN client, but doesn’t actually do anything except install the malware. However, there are likely other means of spreading this malware beyond the fake VPN.
Once it’s installed in your system, Zacinlo is nearly impossible to detect, but fortunately, it takes a little while for that to happen. “Malwarebytes can detect and remove the adware (adware.5hex) threat once identified, however, this particular malware updates itself so frequently and keeps such a close eye on how security solutions are stopping it, that being able to ensure identification and removal of the rootkit at any time is difficult to promise, especially once the rootkit has had time to ‘dig in’ to the system.”