Beware If You Are Using the VSDC Video Editor Or Its Website - Hackers Are Active Once Again
Beware If You Are Using the VSDC Video Editor Or Its Website - Hackers Are Active Once AgainHackers once again got control of VSDC, a free multimedia editor website. Banking Trojan and information stealer were spreading through the download links.
This intrusion was discovered by the researchers of Doctor Web, according to whom the hackers hijacked and infected the downloadable files on the website and made visitors of the site download the banking Trojan, Win32.Bolik.2, Trojan.PWS.Stealer as well as the editing software.
VSDC boasts nearly 13 million users, which makes this incident even more dangerous considering the number of potential victims.
In July 2018, a Chinese security firm, Qihoo 360 Total Security found out that hackers have breached the security of VSDC website. The three specific dates, June 18, July 2 and July 6 were also mentioned when the attackers were active.
The VSDC team said that they have worked on the vulnerability that let hackers attack the site, whereas researchers said the attack happened again many times.
People who had been to VSDC recently and downloaded their video editor and converter software got their computers affected with the multi-component polymorphic banking Trojan, Win32.Bolik and KPOT Stealer Trojan.
The banking Trojan is for performing web injections, intercepting the traffic, key-logging and also for stealing the sensitive information the bank-client systems. Whereas KPOT for stealer is responsible for swiping information from different programs like browsers, Microsoft accounts, messengers, etc.
As per the Doctor Web report, Win32.Bolik.2 banking Trojan had been affecting the computers of 565 users after downloading from VSDC and around 83 had been affected with KPOT stealer.
The developers of VSDC were informed about this and they took a step for replacing the download links to the original ones.
In response to his. The VSDC team said that with the growing popularity of the app, more attackers have been trying to take advantage of it. The site has a properly functioning security system but it too was affected by the attackers using a different approach this time.
The security vulnerability had been detected by the company where the administrative side and the program files were safe, said the VSDC. An innovative protection algorithm has been used by the company so the similar attacks can be prevented in the future. It also mentioned that now the visitors and the software users should not be worried about any threat.