- #VSDC VIDEO EDITOR VIRUS SOFTWARE DOWNLOAD#
- #VSDC VIDEO EDITOR VIRUS .DLL#
- #VSDC VIDEO EDITOR VIRUS SOFTWARE#
- #VSDC VIDEO EDITOR VIRUS DOWNLOAD#
This JavaScript file was disguised as a Video installer file.
#VSDC VIDEO EDITOR VIRUS SOFTWARE#
Users who downloaded the video editing software offered by VSDC on these days ended up downloading a JavaScript file instead of the original video editing software executable file. The first and third attack caused large scale damage and affected many unsuspecting users in comparison to the second attack.
#VSDC VIDEO EDITOR VIRUS DOWNLOAD#
On J(second instance) and J(third instance), the attacks were carried out and original links were again replaced with third party download links.
#VSDC VIDEO EDITOR VIRUS SOFTWARE DOWNLOAD#
The first attack commenced on Jwhen the free video software download link was replaced with third party download links. The attack was carried out in three stages. Upon downloading from these swapped links, the users ended up downloading theft Trojan or Info-stealer, remote access trojan (RAT) and a key-logger program. The miscreants changed the download links for the software offered by VSDC, to download links that commenced downloads of malware strains from attacker controlled & operated servers. In a recent cyber attack, a popular website VSDC that provides free audio & video editing and conversion software had been hijacked by malicious programmers to insert different malware strains. It also carries the specified malicious components and has a valid digital signature.Īll mentioned threats are successfully detected and removed by Dr.Web.ĭoctor Web experts recommend all VSDC users check their devices with our antivirus.Video Editing Website VSDC download links replaced with key-logger, info-stealer and Remote Access Trojan (RAT) It should be noted that one of the repositories contains a hacked NordVPN installer. A trojan for remote control over RDP protocol.Utilising BackDoor.TeamViewer, the attackers are able to deliver payload modules with malware to infected devices, such as:
#VSDC VIDEO EDITOR VIRUS .DLL#
dll files detected as BackDoor.TeamViewer, which allows the trojan to establish an unauthorised connection to an infected computer, as well as a script for bypassing Microsoft Windows’s built-in anti-virus protection. The second folder contains a downloader trojan that further retrieves auxiliary malicious modules from the repository. One folder contains a normal set of files for the TeamViewer remote control application.
During the installation process, in addition to the actual program’s files, the installer creates two folders in the %userappdata% directory. The infection mechanism is implemented as follows.
Non-target users are redirected to the legitimate VSDC website, while the others receive a hacked installer, but with a valid digital signature. Target selection is based on geolocation. The compromised link leads users to downloadsvideosfotdevcom, which is a spoofed domain name controlled by hackers. This time cybercriminals distribute the malicious installer through CNET's downloadcom by replacing the native download link on VSDC’s webpage with a fake one. According to SimilarWeb statistics, monthly visits to CNET’s Downloads section is around 90 million users.Įarlier in 2019, we reported an attack on the website of the popular video editing freeware called VSDC. Instead of the genuine program, visitors receive a modified installer bundled with malicious software, allowing cybercriminals to access the infected computers remotely. Doctor Web virus analysts report that VSDC video editor’s download link has been compromised on popular software platform CNET.
0 kommentar(er)
