LTS Secure Warning: Trojan Stealing User Credentials & Deploying Adware

Infostealer.Scranos is a computer threat developed to steal information from, and corrupt data on, compromised devices. It installs itself silently and can flood the system with advertisements. Infections like this are built by organised groups of cybercriminals whose intention is to trap unsuspecting users with endless ads while stealing their sensitive data. Once active, it performs a series of malicious activities and causes serious trouble for the victim.

Technical Details

It spreads via trojanized applications that pose as legitimate or cracked software. The Trojan comes bundled with a kernel-level rootkit that is dropped onto the infected device and executed by the dropper.

The rootkit provides persistence and handles other critical functions, such as injecting a downloader component into svchost.exe and executing it. The injected downloader then sends the information gathered from the infected device to its C&C server and may receive further instructions to download additional malicious payloads.
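The injection-into-svchost.exe pattern above is something a SIEM can hunt for with endpoint telemetry. The following is an added example written for this advisory, not LTS Secure's or any vendor's code: it runs generic process-injection heuristics over a handful of constructed Sysmon-style JSON events (process creation, CreateRemoteThread and network connection records in a simplified field layout that is an assumption here). The rules are general tells for an abused service host (svchost.exe outside the system directory, not started by services.exe, started without a `-k` service group, targeted by a remote thread from a non-system image, and an injected svchost.exe subsequently connecting to an external address); none of the values are Scranos-specific indicators, and real environments will need their own allowlist of legitimate parents.

```python
"""Hunting heuristics for the 'downloader injected into svchost.exe' pattern.

Added example, not LTS Secure's code. The events below are CONSTRUCTED
Sysmon-style records in a simplified JSON shape (an assumption); the rules
are generic process-injection tells, not Scranos-specific indicators.
"""
import ipaddress
import json

SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample telemetry (raw strings so the JSON keeps its backslashes).
SAMPLE_EVENTS = [
    # 1) Ordinary service host: System32 path, parent services.exe, -k group.
    r'{"EventID": 1, "ProcessId": 1104, "Image": "C:\\Windows\\System32\\svchost.exe", '
    r'"CommandLine": "C:\\Windows\\System32\\svchost.exe -k netsvcs -p", '
    r'"ParentImage": "C:\\Windows\\System32\\services.exe"}',
    # 2) Look-alike dropped by a trojanized installer: wrong path, wrong parent, no -k.
    r'{"EventID": 1, "ProcessId": 4312, "Image": "C:\\Users\\Public\\svchost.exe", '
    r'"CommandLine": "svchost.exe", '
    r'"ParentImage": "C:\\Users\\Public\\setup_crack.exe"}',
    # 3) Remote thread created inside the real svchost.exe by a user-writable image.
    r'{"EventID": 8, "SourceImage": "C:\\Users\\Public\\setup_crack.exe", '
    r'"TargetImage": "C:\\Windows\\System32\\svchost.exe", "TargetProcessId": 1104}',
    # 4) The injected svchost.exe then talks to an external host (constructed IP).
    r'{"EventID": 3, "ProcessId": 1104, "Image": "C:\\Windows\\System32\\svchost.exe", '
    r'"DestinationIp": "203.0.113.10", "DestinationPort": 443}',
    # 5) A different, untouched svchost.exe doing normal outbound traffic: benign.
    r'{"EventID": 3, "ProcessId": 2200, "Image": "C:\\Windows\\System32\\svchost.exe", '
    r'"DestinationIp": "203.0.113.20", "DestinationPort": 443}',
]


def basename(path: str) -> str:
    """Last path component, lower-cased, tolerant of either separator."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def in_system_dir(path: str) -> bool:
    return path.lower().startswith(SYSTEM_DIRS)


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def analyse(lines=SAMPLE_EVENTS) -> list:
    """Return (process_id, reason) findings for the given JSON event lines."""
    findings = []
    injected = {}  # target pid -> image that injected into it (from EventID 8)
    for line in lines:
        ev = json.loads(line)
        eid = ev["EventID"]
        if eid == 1 and basename(ev["Image"]) == "svchost.exe":
            pid = ev["ProcessId"]
            if not in_system_dir(ev["Image"]):
                findings.append((pid, "svchost.exe running outside the system directory"))
            # Assumption: services.exe is the only expected parent; extend per environment.
            if basename(ev["ParentImage"]) != "services.exe":
                findings.append((pid, f"svchost.exe not started by services.exe "
                                      f"(parent {basename(ev['ParentImage'])})"))
            if "-k" not in ev["CommandLine"].lower().split():
                findings.append((pid, "svchost.exe started without a -k service group"))
        elif eid == 8 and basename(ev["TargetImage"]) == "svchost.exe":
            if not in_system_dir(ev["SourceImage"]):
                injected[ev["TargetProcessId"]] = ev["SourceImage"]
                findings.append((ev["TargetProcessId"],
                                 f"remote thread created in svchost.exe by {ev['SourceImage']}"))
        elif eid == 3 and basename(ev["Image"]) == "svchost.exe":
            pid = ev["ProcessId"]
            # Only svchost instances already seen as injection targets are escalated;
            # a plain svchost.exe talking to the internet is normal (updates, telemetry).
            if pid in injected and not is_internal(ev["DestinationIp"]):
                findings.append((pid, f"injected svchost.exe connected out to "
                                      f"{ev['DestinationIp']}:{ev['DestinationPort']}"))
    return findings


if __name__ == "__main__":
    for pid, reason in analyse():
        print(f"pid {pid}: {reason}")
```

The correlation in the last rule is the useful part: an outbound connection from svchost.exe is noise on its own, but the same process having been the target of a remote thread from a user-writable path shortly before is exactly the downloader-in-svchost behaviour the advisory describes.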

Impact

  • Steals login credentials and cookies from browsers such as Google Chrome, Mozilla Firefox, Microsoft Edge, Opera and Internet Explorer.
  • Installs browser extensions that inject JavaScript adware into these browsers.
  • Fills the device with endless pop-up ads and links.
  • Removes crucial system files without any notification.
  • Exfiltrates the browsing history of the infected device.
  • Downloads and executes malicious payloads.
  • Slows PC performance by consuming extra memory and system resources.

Recommended Actions

  • Configure your email server to block messages carrying the attachment types commonly used to spread such threats (.exe, .bat, .vbs, .scr and .pif files), using email filters and other anti-exploit technology.
  • Keep your devices up to date with the latest patches made available by the vendor.
  • Install a trusted anti-virus program on your device and run scans on a regular basis.
  • Turn off and remove unnecessary services.
  • Scan removable devices every time before using them.
  • Isolate all compromised computers as soon as possible to prevent the threat from spreading further inside your infrastructure.
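The attachment-blocking recommendation is easy to get wrong with a naive extension match, so here is an added example (not LTS Secure's configuration or any mail gateway's code) of the checks a filter should actually make: the blocked list is the one the advisory names, and the function handles the edge cases a simple suffix test misses, namely mixed case, double extensions such as `invoice.pdf.scr`, trailing dots that Windows strips, and blocked files hidden inside a ZIP attachment. The sample attachments and archive are constructed inline for illustration.

```python
"""Attachment policy check for the mail-filter recommendation.

Added example, not LTS Secure's code. BLOCKED_EXTENSIONS is the list from the
advisory; the archive inspection and the sample attachments are constructed.
"""
import io
import zipfile

BLOCKED_EXTENSIONS = {".exe", ".bat", ".vbs", ".scr", ".pif"}
ZIP_MAGIC = b"PK\x03\x04"


def normalise(name: str) -> str:
    """Bare file name, lower-cased, with the trailing dots/spaces Windows ignores removed."""
    name = name.replace("\\", "/").rsplit("/", 1)[-1]
    return name.rstrip(". ").lower()


def is_blocked_name(name: str) -> bool:
    """True if the effective (last) extension is on the block list.

    Double extensions like 'report.pdf.exe' are caught because only the final
    suffix decides how Windows executes the file.
    """
    n = normalise(name)
    return any(n.endswith(ext) for ext in BLOCKED_EXTENSIONS)


def blocked_members(archive_bytes: bytes) -> list:
    """Names inside a ZIP that would be blocked as loose attachments.

    Only the central directory is read, so this works on encrypted archives
    (member names are not encrypted) and does not extract anything.
    """
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        return [m for m in zf.namelist() if is_blocked_name(m)]


def evaluate_attachment(filename: str, content: bytes) -> tuple:
    """Return (blocked, reason) for one attachment."""
    if is_blocked_name(filename):
        return True, "blocked extension"
    # Treat it as an archive by name OR by magic bytes, so renaming a .zip does not help.
    if normalise(filename).endswith(".zip") or content.startswith(ZIP_MAGIC):
        try:
            hits = blocked_members(content)
        except zipfile.BadZipFile:
            return True, "unreadable archive"  # fail closed on corrupt/evasive archives
        if hits:
            return True, "archive contains blocked file(s): " + ", ".join(hits)
    return False, "allowed"


def build_sample_zip() -> bytes:
    """Constructed archive with one harmless member and one blocked member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "constructed text file")
        zf.writestr("docs/Invoice.PDF.exe", "MZ placeholder, not a real binary")
    return buf.getvalue()


# Constructed sample attachments: (filename, content bytes).
SAMPLE_ATTACHMENTS = [
    ("quarterly_report.pdf", b"%PDF-1.4 constructed"),
    ("Setup.EXE", b"MZ constructed"),          # mixed case
    ("invoice.pdf.scr", b"MZ constructed"),    # double extension
    ("notes.exe.", b"MZ constructed"),         # trailing dot, dropped by Windows
    ("bundle.zip", build_sample_zip()),        # blocked file inside an archive
    ("photo.jpg", b"\xff\xd8 constructed"),
]


def evaluate_all(attachments=SAMPLE_ATTACHMENTS) -> dict:
    """Map each attachment name to its (blocked, reason) verdict."""
    return {name: evaluate_attachment(name, data) for name, data in attachments}


if __name__ == "__main__":
    for name, (blocked, reason) in evaluate_all().items():
        print(f"{'BLOCK' if blocked else 'allow'}  {name:22} {reason}")
```

A production gateway would also recurse into nested archives and inspect file content (not just names) for executables, but the checks above already close the gaps that let most "blocked extension" policies through.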

“Early detection” is the key to culling the infection, and LTS Secure SIEM plays a key role in detecting and alerting on suspicious events early.