Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Bug Security

Scranos Rootkit Expands Operations From China To the Rest of the World (zdnet.com) 27

A malware operation previously limited to China's borders has expanded over the past few months to infect users from all over the world, antivirus firm Bitdefender said in a report published today. From a report: Users who have the bad habit of downloading and installing cracked software applications are at the highest risk. According to Bitdefender experts, these apps are laced with a relatively new malware strain named Scranos. The most important piece of this malware is a rootkit driver that's hidden inside the tainted apps and which allows the malware to gain boot persistence and take full control over users' systems in the early stages of an infection. Although Bitdefender describes Scranos as "a work in progress, with many components in the early stage of development," the malware is still very dangerous as it is. That's because Scranos is a modular threat that once it infects a host computer, it can ping its command and control (C&C) server for additional instructions, and then download small modules to execute a fine set of operations.
This discussion has been archived. No new comments can be posted.

Scranos Rootkit Expands Operations From China To the Rest of the World

Comments Filter:
  • User stupidity ... (Score:5, Insightful)

    by Anonymous Coward on Tuesday April 16, 2019 @10:06AM (#58444444)

    Users who have the bad habit of downloading and installing cracked software applications are at the highest risk.

    Well, once you're doing that you've pretty much left behind any hope you will have security.

    If you're installing software from a source you don't know you can trust, this is what happens.

    This reminds me of a receptionist we had back in the mid-90's. That lady would download every stupid thing she found ... dinosaur cursors, cat screen savers, puppy themed start menus ... you name it. Invariably every 2-3 months her machine would have to be completely re-imaged because she had it so infested with shit.

    We told her repeatedly "stop installing this shit, it's a security risk" ... and she always pretty much on day one started downloading the same shit. She didn't seem to grasp that she herself was why her machine was always fucked up.

    Me, at this point, I assume pretty much all apps are shit, full of malware, and adding little or no value (or even posing a risk). They're nothing more than a conduit for ads and having your data stolen.

    The entire app economy is based on garbage in my opinion, and if people can't grasp their own stupidity, they deserve the malware.

    • Just a thought. Your post is the best, so far. (Admittedly, it's early) and I agree. I have mod points but I I don't have my permission to spend /. mod on AC.

      If that doesn't matter to you, well that's OK. Should it, login.

      Still, as a a retired IT guy, I have lived the frustration that you have lived.

      Thanks.

    • Gotta agree with sibling. If I had mod points, I'd damned sure spend them here.

      Well, once you're doing that you've pretty much left behind any hope you will have security.

      If you're installing software from a source you don't know you can trust, this is what happens.

      Quoting the best line for propagation.

  • Comment removed based on user account deletion
    • by Dunbal ( 464142 ) *
      Better still block it at the download level and don't download it. Back before broadband was common and digital downloads didn't exist, an argument could be made for trying to get something you couldn't find elsewhere. Now we're surrounded by cheap digital sources, you can buy and download any software you want, you have a wide variety of services that stream all sorts of movies and shows. There's not much drive for piracy except for the need to "get stuff for free". Well caveat emptor.
  • by bill_mcgonigle ( 4333 ) * on Tuesday April 16, 2019 @10:44AM (#58444638) Homepage Journal

    Why doesn't TFS say if this affects iOS, lightbulbs, Windows, or Fedora?

    Just SCADA systems, then? FFS.

    • by CODiNE ( 27417 )

      When they don't tell you what it affects, it's always Windows.

      Otherwise they clearly point it out by stressing how other OS' are JUST AS vulnerable.

      And yes just as vulnerable to Trojan horse software.

  • by mspohr ( 589790 ) on Tuesday April 16, 2019 @12:14PM (#58445150)

    If it only runs on Windows, it is of no consequence since it only affects those too stupid to protect themselves.

In the long run, every program becomes rococco, and then rubble. -- Alan Perlis

Working...