Gridinsoft Security Lab

PE32 Ransomware - Malware Dissection, Ways to Remove & Recover the Files

PE32 Ransomware

Stephanie Adlam | Apr 29, 2025 | 7 min read

PE32 Ransomware is a recently discovered malware strain that encrypts your files and asks for payment to unlock them. Victims…

Infostealer malware such as RedLine, Vidar, and Lumma all gather credentials from various sources on a computer.

Top 5 Infostealer Malware of 2025: The Silent Data Snatchers

Brendan Smith | Apr 29, 2025 | 12 min read

Remember when we used to worry about viruses that just crashed your computer? Those were simpler times. In 2025, cybercriminals prefer to steal your data rather than destroy it. Welcome to the golden age of infostealer malware – the digital pickpockets that empty your accounts while you’re busy scrolling through cat videos. The data tells […]

What is Virus:Win32/Expiro?

Virus:Win32/Expiro: The Chameleon Backdoor That’s Still Causing Havoc in 2025

Brendan Smith | Apr 26, 2025 | 17 min read

Have you ever noticed your computer suddenly running like it’s wading through molasses? Files taking forever to open, strange network activity, and your antivirus throwing up a cryptic alert about something called “Virus:Win32/Expiro”? You’re not alone. This particularly nasty piece of malware has been giving security professionals headaches for years, and despite numerous attempts to […]

What is slopsquatting?

Slopsquatting: New Malware Spreading Technique Targeting AI Assisted Developers

Stephanie Adlam | Apr 24, 2025 | 7 min read

Slopsquatting is a new type of cyber threat that takes advantage of mistakes made by AI coding tools, particularly LLMs that can “hallucinate”. In this post, we’ll break down this new type of attack, find out why it can occur, dispel some myths, and figure out how to prevent it. Slopsquatting – New Techniques Against […]

What is SnapeDex.com?

0.31 BTC SnapeDex.com Scam

Stephanie Adlam | Apr 22, 2025 | 4 min read

SnapeDex.com claims to be a cryptocurrency exchange offering free Bitcoin, but there are significant concerns about its legitimacy. In fact, this site is designed to scam users, particularly with its promise of 0.31 BTC for free. Here’s a breakdown of the findings based on available information. 0.31 BTC SnapeDex.com Scam Overview SnapeDex.com presents itself as a […]

What is Trojan:Win32/Yomal!rfn? In-Depth Analysis

Trojan:Win32/Yomal!rfn

Stephanie Adlam | Apr 21, 2025 | 5 min read

Trojan:Win32/Yomal!rfn is a detection name used by Microsoft Defender Antivirus. It’s a heuristic detection, so it may be a false positive. In this post, I will tell you why this threat is dangerous, how to understand whether it is a false positive or not, and what to do if it is a real threat. Trojan:Win32/Yomal!rfn Overview […]

What is Trojan:Win32/Wacatac? Threat Analysis

Trojan:Win32/Wacatac Removal Guide for Windows 10/11

Brendan Smith | Apr 20, 2025 | 8 min read

I think Trojan:Win32/Wacatac is one of the nastiest pieces of malware I’ve encountered in my life. This digital pest has been wreaking havoc on Windows systems, stealing sensitive data, damaging system files, and even deploying ransomware. We’ve seen infections skyrocket by 34% just in the past year—making it one of those threats you really need to […]

What is D0glun ransomware?

D0glun Ransomware: Analysis and Protection Guide

Daniel Zimmermann | Apr 17, 2025 | 15 min read

D0glun Ransomware: Technical Analysis and Protection Guide D0glun ransomware emerged in January 2025 as a new crypto-ransomware variant with direct links to the Babuk and Cheng Xilun ransomware families. This sophisticated threat encrypts files using AES-256 encryption, appends the “.@D0glun@” extension to compromised files, and demands Bitcoin payment for decryption. This technical analysis explores D0glun’s […]

What is GorillaBot?

GorillaBot: Advanced Mirai Variant Targeting IoT Devices with Enhanced DDoS Capabilities

Stephanie Adlam | Apr 9, 2025 | 11 min read

GorillaBot is a sophisticated botnet malware that has been making headlines for its aggressive DDoS attacks. Building on the infamous Mirai botnet framework, this evolved threat targets internet-connected devices with advanced evasion techniques and encryption methods. This analysis breaks down GorillaBot’s technical features, attack vectors, and provides actionable protection measures. Mirai-based botnet malware targeting IoT […]

What is 0.31 BTC XLord promo code Scam?

0.31 BTC XLord Promo Code

Stephanie Adlam | Apr 1, 2025 | 5 min read

Gotexcoin appears to be a fraudulent cryptocurrency platform that lures users with promises of free Bitcoin, specifically 0.31 BTC XLord promo code, often linked to fake endorsements from Elon Musk. This scam is promoted through deceptive methods, such as deepfake videos on social media, aiming to trick users into depositing their own Bitcoin, which is […]

Online File Converter Scam Warning by FBI Denver

FBI Issues Online File Converter Malware Scam Warning

Stephanie Adlam | Mar 25, 2025 | 6 min read

The FBI Denver Field Office has warned about a growing scam involving free online file converter tools, which appears to be a significant cybersecurity concern. These tools, while converting files as advertised, often distribute malware, leading to serious issues like ransomware and identity theft, affecting users across the region. Online File Converter Scam Warning by […]

What is HackTool:Win64/GameHack!rfn?

HackTool:Win64/GameHack!rfn – Game Hacking Malware

Stephanie Adlam | Apr 10, 2025 | 9 min read

HackTool:Win64/GameHack!rfn is a Windows Defender detection for potentially dangerous game cheating software. Beyond their advertised functionality, these tools often contain hidden malicious features that can steal credentials, install additional malware, or compromise system security. This comprehensive guide analyzes the threat in detail and provides a complete removal solution. Threat Name HackTool:Win64/GameHack!rfn Type Game Hacking Tool […]

StilachiRAT: The Emerging Crypto-Stealing Malware Threat

Daniel Zimmermann | Apr 20, 2025 | 14 min read

$34.6 million in cryptocurrency could be at risk from StilachiRAT, a complex remote access trojan first detected by Microsoft Incident Response in November 2024. Unlike conventional ransomware that announces its presence, this digital threat operates silently in the background, monitoring user activities until it identifies the perfect moment to drain cryptocurrency wallets. According to Microsoft’s […]
