A digitally-signed rootkit is used in wide-reaching malicious activities aimed at stealing login credentials, browsing history, and adware activity. The rootkit, Scranos, is a memory rootkit that infects Windows systems via fake software posing as pirated utilities, or legitimate applications like e-book readers, video players, and even anti-malware solutions. Bitdefender says the malware keeps evolving and reached computers in India, Romania, Brazil, France, Italy, and Indonesia.
Source: https://www.bleepingcomputer.com/news/security/scranos-operation-uses-signed-rootkit-to-steal-login-and-payment-info/

