
Here is Zacinlo, malware that has been operating in stealth for 6 years

Zacinlo is malware on Windows 10 that operated covertly for 6 years. It was discovered by Bitdefender cyber security experts. Here are its peculiarities

There is malware on Windows 10 that operated covertly for 6 years. It's dubbed Zacinlo and it was discovered by Bitdefender cyber security experts. This rare strain of malware typically operates by silently rendering webpages in the background in hidden windows to simulate clicks and keyboard interactions, or it can replace ads naturally loaded in an open web browser with its own ads to collect revenue. The malicious code is armed with a sophisticated array of features to ensure it remains undetected, including an adware cleanup routine to remove any potential rivals. It can also uninstall or delete services based on instructions it receives from the command and control infrastructure, to which it routinely sends information about its environment, including what anti-malware services may be installed and which applications are running on startup.

The malicious adware is spreading in the USA, France, Germany, Brazil, China, India, Indonesia and the Philippines. It is continuously updated with new functionalities and tools

Moreover, Zacinlo is able to take screen captures of a user's desktop and send them to its owners for analysis. The vast majority of the malware samples Bitdefender tracked were spotted in the USA and, in much lower numbers, in France, Germany, Brazil, China, India, Indonesia and the Philippines. The adware campaign seems to date back as far as 2012, but it appears the malware was most active in the final months of 2017. The malicious code is also continuously updated, with functionalities added, dropped altogether or integrated entirely into other components.

The Bitdefender whitepaper on the new cyber threat (PDF file)
