Visual Studio Code Malicious Plugins Steal Personal Data

Detected items scored almost 50k downloads in total

Some plugins for Visual Studio Code, a popular code editing tool developed by Microsoft, appear to contain malicious code. In particular, one with over 45,000 downloads is capable of stealing personal data. Community alarm forced the quick removal of these pests, but it can be the first sprout of something bigger. What is VS Code…

Top 3 Stealer Malware to Be Aware Of in 2023

Aside from the major stealers, there are several novice names with significant potential

The cybercrime world changes rapidly: expanding, collapsing, and evolving both extensively and intensively. One of the most massive malware types in the modern threat landscape, information stealers, appears to be entering a new stage of development. Though its major names remain the same, some new malware families with promising features have popped up. Let’s have…

RedLine Stealer Issues 100,000 Samples – What is Happening?

There could be quite a lot of applications for 100,000 samples of malware

Throughout early May 2023, the GridinSoft analyst team has observed anomalous activity from RedLine stealer. It is, actually, activity different from what we used to know. Over 100,000 samples of this malware appeared in the first 12 days of the month, which is too many even for more massive threats. Needless to…

Grand Explorer Software – Remove Malware & Repair System

Grand Explorer shows tons of unwanted ads that often have malicious content

The Grand Explorer app, or, as it is displayed in the list of installed programs, Grand Explorer 1.0.0.1 (2.4.5.0), is a classic example of adware. This program does not even try to mimic a legit utility, and simply shows you dozens of ads without your permission. It not only creates a mess in your system, but…

Fake Windows Update in Browser Delivers Aurora Stealer

Hackers try to convince users to install a malicious package

Fake Windows Update has once again become a way to spread malware. Updates are a pretty routine part of the Windows user experience. Over the last 7 years, Windows users have mostly become used to seeing the familiar update icon in the tray. Inexperienced people, however, do not know the mechanics of Windows Update, and can be trapped with…

LOBSHOT malware steals cryptowallets, exploits Google Ads

Hidden VNC function may be useful for money stealing without triggering alarms

LOBSHOT, a recently detected malware family, appears to be a strong new player in the malware market. Carrying a combination of backdoor and spyware functionality, it uses novel ways of spreading that make it more effective. Its ability to provide Hidden VNC connections may be a go-to point for numerous cybercriminals. Let’s analyse this malware and see,…

PaperCut Vulnerability Allows RCE, Exploited in the Wild

Two CVEs in PaperCut allow RCE and account data extraction

PaperCut, a software solution used for print management, appears to be vulnerable to remote code execution (RCE). Another security flaw that popped up along with the former allows extracting user data from the profiles created in the program. The RCE vulnerability is already being used in cyberattacks. What is PaperCut? PaperCut is a print management solution,…

Capita Hacked, Black Basta Gang Publishes Data

The breach potentially exposes hundreds of gigabytes of the company's data

Capita, a London-based international business process outsourcing company, was hacked recently. Users noticed strange events in the company earlier this month, but the confirmation appeared only on April 20, 2023. The Black Basta ransomware gang posted Capita among other victims on its Onion leak website. What is Capita? Capita is a company for business process outsourcing.…

LockBit Releases World’s First macOS Ransomware

macOS seems not to be that invincible to malware infections

LockBit, an infamous ransomware gang that became a major threat actor over the last two years, released a variant of its ransomware for macOS. Previously, this system was considered safe from ransomware, as no known samples were targeting it specifically. Currently, LockBit’s product is considered the first ransomware that breaks that rule. What is the…

Domino Backdoor is Led by FIN7 and Conti Actors

New Domino Backdoor appears to be a collaboration between two notorious threat actors

A new Domino Backdoor popped up at the beginning of 2023. Since February, a new malware family dubbed Domino has been used in attacks on corporations, with the Project Nemesis stealer as a final payload. Analysts say that the new backdoor is controlled and developed by ex-TrickBot/Conti actors and hackers related to the FIN7 group. Who are…