Popular Software Site Hacked to Redirect Users to Keylogger, Infostealer, More

Discussion in 'malware problems & news' started by mood, Jul 11, 2018.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,388
    Popular Software Site Hacked to Redirect Users to Keylogger, Infostealer, More
    July 11, 2018
    https://www.bleepingcomputer.com/ne...redirect-users-to-keylogger-infostealer-more/
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,480
    Location:
    The Netherlands
    This is exactly why you always need to monitor app installation even when downloading trusted tools.
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,388
    VSDC Site Hacked Again to Spread Password Stealing Malware
    April 11, 2019
    https://www.bleepingcomputer.com/ne...ed-again-to-spread-password-stealing-malware/
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,388
    Hackers Use Fake NordVPN Website to Deliver Banking Trojan
    August 19, 2019
    https://www.bleepingcomputer.com/ne...ke-nordvpn-website-to-deliver-banking-trojan/
     
  5. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,904
    Location:
    U.S.A.
    Per URLVoid scan, appears Dr. Web is the only one blacklisting the web site.
     
  6. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,127
    According to VT, Dr. Web and Kaspersky are the only AV products blacklisting nord-vpn.club.
     
  7. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,904
    Location:
    U.S.A.
    Eset and Fortinet also now blacklist the web site.
     
  8. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,457
    Location:
    USA
    URLVoid looks to be of limited value. I entered one of my boss' domains and it said last scan 7 years ago and as it is now on a different host, all of the info was out of date. No offense obviously, but it is likely I won't bother with it again.
     
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,904
    Location:
    U.S.A.
    Agreed. Always perform a rescan option when using it.

    Also, it appears the engines it uses are employed with minimum scan settings; i.e. blacklist checking only. For example if you want a thorough scan of the web site using Quttera which I strongly recommend, you have to go to their web site and initiate the scan there.
     
    Last edited: Aug 19, 2019
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,388
    VSDC Download Link on CNET Compromised to Distribute Malware
    February 7, 2020
    https://www.technadu.com/vsdc-download-link-cnet-compromised-distribute-malware/91899/
    Dr.Web: Cybercriminals use CNET website to spread the infected VSDC installer
     
  11. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,388
    Malware Disguised as Google Updates Pushed via Hacked News Sites
    March 25, 2020
    https://www.bleepingcomputer.com/ne...-google-updates-pushed-via-hacked-news-sites/
    Dr.Web: Cybercriminals spread dangerous backdoor as Google Chrome update
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.