Visual Studio Code Malicious Plugins Steal Personal Data

Detected items scored almost 50k downloads in total

Some plugins for Visual Studio Code, a popular code editing tool developed by Microsoft, appear to contain malicious code. In particular, one with over 45,000 downloads is capable of stealing personal data. Community alarm forced the quick removal of these pests, but it can be the first sprout of something bigger. What is VS Code…

Top 3 Stealer Malware to Be Aware Of in 2023

Aside from the major stealers, there are several novice names with significant potential

The cybercrime world changes rapidly – expanding, collapsing, and evolving both extensively and intensively. One of the most massive malware types in the modern threat landscape – information stealers – appears to be entering a new stage of development. Though its major names remain the same, some new malware families with promising features have popped up. Let’s have…

RedLine Stealer Issues 100,000 Samples – What is Happening?

There could be quite a lot of applications for 100,000 samples of malware

Throughout early May 2023, the GridinSoft analyst team has been observing anomalous activity from RedLine stealer. It is, actually, activity different from what we are used to. Over 100,000 samples of this malware appeared in the first 12 days of the month – that is too many even for more massive threats. Needless to…

Grand Explorer Software – Remove Malware & Repair System

Grand Explorer shows tons of unwanted ads that often have malicious content

The Grand Explorer app, or, as it is displayed in the list of installed programs, Grand Explorer 1.0.0.1 (2.4.5.0), is a classic example of adware. This program does not even try to mimic a legitimate utility, and simply shows you dozens of ads without your permission. It not only creates a mess in your system, but…

Fake Windows Update in Browser Deliver Aurora Stealer

Hackers try to convince users to install a malicious package

A fake Windows Update has once again become a way of spreading malware. Updates are a pretty routine part of the Windows user experience. Over the last 7 years, Windows users have mostly gotten used to seeing the familiar update icon in the tray. Inexperienced people, however, do not know the mechanics of Windows Update, and can be trapped with…

Fullerton India Hacked, LockBit Leaks 600GB of Data

Company ignored the crooks' double-extortion attempt

Fullerton India, a large lending institution from India, appears to have been hacked back in early April 2023. This is confirmed by the LockBit ransomware Darknet blog, where hackers listed the company and now, over a month later, have published all the leaked information. Fullerton, LockBit – who are they? Fullerton India Credit Company, or shortly Fullerton…

Ransomware Attacks Increasingly Using AuKill Malware to Disable EDR

Ransomware Using AuKill Malware to Disable EDR

A new cybercrime tool called “AuKill” has emerged, which attackers use to disable endpoint detection and response (EDR) defenses used by enterprises before deploying ransomware. AuKill malware uses malicious device drivers to infiltrate systems. Recently, researchers from Sophos discovered an attacker using AuKill before deploying Medusa Locker ransomware and another attacker using it on an…

LOBSHOT malware steals cryptowallets, exploits Google Ads

Hidden VNC function may be useful for money stealing without triggering alarms

LOBSHOT, a recently detected malware family, appears to be a strong new player in the malware market. Carrying a combination of backdoor and spyware functionality, it uses novel spreading methods that make it more effective. Its ability to provide Hidden VNC connections may be a go-to point for numerous cybercriminals. Let’s analyse this malware and see,…

PaperCut Vulnerability Allows RCE, Exploited in the Wild

Two CVEs in PaperCut allow RCE and account data extraction

PaperCut, a software solution used for print management, appears to be vulnerable to remote code execution (RCE). Another security flaw that surfaced along with the former allows extracting user data from the profiles created in the program. The RCE vulnerability is already used in cyberattacks. What is PaperCut? PaperCut is a print management solution,…

New SLP Vulnerability Allows 2200x DDoS Amplification

Hackers can exploit SLP to launch an enormously powerful DDoS attack

A recently discovered vulnerability in SLP, a legacy network protocol, can be used to disastrously increase the efficiency of DDoS attacks. As researchers say, the use of the SLP vulnerability can push the amplification factor of an attack up to 2200 times – a previously unseen level. What is SLP? First of all, let’s clear things up. SLP, or Service…