Malware
Zacinlo
aka s5mark
Bitdefender describes the primary features of the family as follows: Presence of a rootkit driver that protects itself as well as its other components, presence of man-in-the-browser capabilities that
Bitdefender describes the primary features of the family as follows: Presence of a rootkit driver that protects itself as well as its other components, presence of man-in-the-browser capabilities that intercepts and decrypts SSL communications, and presence of an adware cleanup routine used to remove potential competition in the adware space. It also communicates with its C&C server, sending environment information such as installed AV and other applications. The malware also takes screenshots and does browser redirects, potentially manipulating the DOM tree. It also creates traffic in hidden windows, likely causing adfraud. The malware is generally very configurable and internally makes use of Lua scripts.
Family metadata imported from Malpedia (Fraunhofer FKIE).