S5Mark is not a VPN; it is adware disguised as a virtual private network. Instead of encrypting users' data and connecting them to a virtual private network, the app downloads a number of malicious components. The scam was spotted by Romanian cybersecurity and anti-virus software company Bitdefender.
S5Mark is the latest incarnation of the Zacinlo rootkit virus, adware that has been plaguing Windows 10 machines since 2012. The virus seems to be most widespread in the US but has also affected other countries such as France, Germany, Brazil, and China.
Behind the fake UI, Zacinlo uses rootkit functionality to gain privileged access to a computer and disable antivirus software without being detected. Zacinlo injects ads, relying on a command and control server that tells it which ads to run and where. It also instructs the PC to secretly click on the ads in the background to generate revenue.
The pop-ups that you see advertise other suspicious tools, such as browser toolbars and optimization utilities.
But more worrying is the fact that the adware can grab screenshots and send them back to the control servers. This is probably designed primarily as a tool to monitor the ads that are running, but it also means that it can steal any data that is displayed on the screen – anything from personal photos to credit card and banking information.
In fact, Bitdefender points out that the “extremely configurable and highly modular design” of Zacinlo means that it has the potential to morph into something even more sinister. It already has sophisticated abilities to update itself and communicate with a command server.
Here’s What You Should Look Out For If You Think Your Machine Might be Infected
- Shady-looking advertising banners on the web pages you visit
- Pop-ups advertising fake updates or software
- A flurry of hyperlinks on web pages you visit
- Generally, any unusual behavior on your PC (Zacinlo might install other programs without your knowledge)
- S5Mark might also make your computer act sluggish or your browser freeze
The S5Mark app is typically bundled as an additional “drive-by” download with other free software, so it’s a good rule of thumb to avoid any peculiar-looking, too-good-to-be-true offers. Remember, there is no such thing as a free lunch.