On Your s5Mark, Get Set To Receive Malware
By: Jim Stickley and Tina Davis
July 18, 2018
We all love great deals and free stuff. This is especially true if the stuff is typically very expensive. And when we can use something at no cost that does the same things as another product that is super expensive, we win. Well…not so fast. Remember, there is really no such thing as a free lunch. Some researchers at Bitdefender found that some freebies can be quite costly indeed. They found some adware that has been infecting devices for a long time…estimated at nearly six years.
Ok, sometimes the free products are almost as good as the expensive ones, say using open source word processing software rather than Microsoft Word, but there is always some cost, even if it’s just usability or some compatibility kinks. This recent adware is being called Zacinlo and targets Windows machines…90% Windows 10.
The components of it get installed when the victims download a VPN service listed as free. That is called s5Mark. However, this product is actually a way that Zacinlo gets onto the device. When the VPN is being installed, it asks for permissions, even for administrator permissions. Once it gets them, it can open multiple browser sessions, load ad banners, and simulate ad clicks on the device. Each time an ad is clicked, the scammers make money.
It also allows the scammers to take screenshots, which can be very costly indeed if they happen to do this when you’re logging into your financial accounts.
Remember never to give administrator permissions to anything. There are very few apps that need this. In fact, if you don’t know if it needs it to do what you need it to do, assume it doesn’t and that it is up to no good. Then find another product.
Don’t download software and apps willy nilly either. First, make sure they’re from the official stores for your devices. Check the ratings and if there aren’t many and if those are all glowing, the app should be considered suspect. Also, just because there is a charge for an app, it doesn’t mean it’s free of malware.
And this should be obvious, while VPNs are a great idea to have on your mobile devices, especially for connecting to your work network, make sure the one you use is not s5Mark. That one is definitely dangerous.