Gridinsoft Security Lab

Hunt ransomware is a new sample of the Dharma/CrySis ransomware family that appeared on April 5, 2024. This malware aims at encrypting the files and asking a ransom payment for their decryption. It unselectively targets both home users and corporations, correcting the ransom depending on the target. Jakub Kroustek was the first to discover this […]

Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while performing widespread cryptographic operations. Notably, it is practically impossible to patch the flaw as it stems from the microarchitecture of the processor. Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys Researchers have discovered […]

Dragon Angel is a browser extension that functions as a hijacker malware. It redirects users to promoted search engines or websites. These redirects ruin the process of browsing and can lead to irrelevant or potentially harmful content or malware distribution. Dragon Angel Overview Dragon Angel is a malicious browser extension that can appear in Chrome […]

Taskbarify is unwanted software (like a Movidown)that claims it is a tiny little Windows tweaker. However, it also turns the device into a proxy server without the user’s knowledge. Let me show you what is so dangerous about this utility, and how to remove it. What is Taskbarify? Taskbarify is a Windows utility classified as […]

PUABundler:Win32/uTorrent_BundleInstaller is a Microsoft Defender detection that is associated with the installer of the once popular uTorrent client. It is detected by antiviruses because it contains a fair amount of additional software that is unwanted (PUA). Such programs can pose a security threat to your system. Let’s find out what’s wrong with it. Why is […]

WogRAT, also known as WingsOfGod RAT, is a novice remote access trojan that attacks users from Asian countries. Named after its own file – Wingsofgod.dll, this malware attacks people since late 2022, spreading through the online notepad service. What is WogRAT (WingsOfGod.dll)? WogRAT is a classic example of a remote access trojan, a backdoor-like malicious […]

PUABundler:Win32/FusionCore is a designation that Microsoft Defender Antivirus uses to detect and remove potentially unwanted programs (PUP) that are spread by bundling technology. FusionCore is not a stand-alone program, it is a piece of code that can install various unwanted elements such as adware, toolbars or browser extensions on your computer. Let me show you […]

Trojan:Script/Sabsik.fl.A!ml is what Windows Defender calls a bunch of suspicious code that steals your data and drops other malware on your PC. Think of it as that guy who crashes your party, raids your fridge, then invites his sketchy friends over. Let’s cut through the tech jargon and figure out what this thing actually does […]

Backdoor:Win32/Bladabindi!ml is a generic detection name used by Microsoft Defender. It specifically refers to a backdoor malware known as njRAT, capable of hacking into and controlling victims’ computers. In which cases it is a dangerous trojan and in which cases it is a false positive detection, we will understand in this article. What is Backdoor:Win32/Bladabindi!ml? […]

PUA:Win32/PCMechanic is a detection associated with the potentially unwanted application. This pseudo system optimizer claims that the user’s system has many problems, and then offers to call the “tech support”. Let’s see why this may appear and how to remove it. What is PUA:Win32/PCMechanic? PUA:Win32/PCMechanic is a Microsoft Defender detection that indicates a PC Mechanic […]

Trojan:Script/Ulthar.A!ml is a detection of Windows Defender that identifies as a trojan. It specifically refers to a script-based malicious program. However, it can often turn out to be a false positive, and antivirus programs label harmless files as malicious. Let’s understand what this detection is and why it can be false. What is Trojan:Script/Ulthar.A!ml? Trojan:Script/Ulthar.A!ml […]

Bitfiat is a malicious coin miner that exploits your computer’s hardware to mine cryptocurrencies. Such malware takes as much resources as it can, making the system impossible to use. Let’s see what this malware is, and how to remove it. Bitfiat Overview The Bitfiat process is related to the activity of a malicious coin miner. […]