Scranos is a signed rootkit to steal login credentials, payment information, and browsing history as well as spam social network users and adware activity. It poses as a video driver and can download any payload once installed. The targets range from popular browsers Chrome, Chromium, Firefox, Opera, Edge, Internet Explorer, Baidu, and Yandex to services from Facebook, Amazon, Airbnb, Strea, and Youtube.


  • June 2019: The data-stealing malware has returned to include a cryptominer and a trojan in order to make more money from infected devices.

Technical Details

  • Bleeping Computer provides technical analysis on Scranos, here.


Image Source: Bleeping Computer