Gridinsoft Security Lab

Hackers started using GoDaddy Refund Emails as a disguise to trick the users into installing malware. In order to deploy the payload, they opted for a particularly new tactic or, well, combination of ones. As a payload, a unique free open-source Invicta Stealer is used. GoDaddy Refund Email Phishing Being a widely popular web hosting […]

Researchers discovered Ducktail Malware, which targets individuals and organizations on the Facebook Business/Ads platform. The malware steals browser cookies and uses authenticated Facebook sessions to access the victim’s account. As a result, the scammers gain access to Facebook Business through the victim’s account, which has sufficient access to do so. It is a particularly interesting […]

Throughout the entire early May 2023, GridinSoft analysts team observed an anomalous activity of RedLine stealer. It is, actually, an activity different from what we used to know. Over 100,000 samples of this malware appeared through the first 12 days of the month – that is too much even for more massive threats. Needless to […]

Fake Windows Update became a malware spreading way once again. Updates are a pretty routine part of the Windows user experience. Over the last 7 years, Windows users mostly used to see the familiar update icon in the tray. Inexperienced people, however, do not know the mechanics of Windows update, and can be trapped with […]

LOBSHOT, a recently-detected malware family, appears to be a new strong player in the malware market. Carrying a combination of backdoor and spyware functionality, it uses novice spreading ways that make it more effective. Its ability to provide Hidden VNC connections may be a go-to point for numerous cybercriminals. Let’s analyse this malware and see, […]

A new Domino Backdoor popped out at the beginning of 2023. Since February, a new malware family coined Domino is used for attack on corporations, having Project Nemesis stealer as a final payload. Analysts say that the new backdoor is controlled and developed by ex-TrickBot/Conti actors and hackers related to the FIN7 group. Who are […]

Recent research from the CheckPoint Research team revealed a new ransomware sample that can potentially beat all samples currently present on the market. They coined it Rorschach, and already say that its unique properties can make it dominant ransomware pretty quickly. We told about this malware in a recent news post, and now it’s time […]

BlackGuard, a prolific infostealer malware, received an update at the edge of 2023. The new update introduced advanced data-stealing capabilities and secure connectivity features. The new version also includes a row of new anti-detection and anti-analysis capabilities. Let’s have a more detailed look into this malware and see the difference from all aspects. BlackGuard Stealer […]

As the main shopping event of the year approaches, Black Friday shopping scams have into view. Con actors from all over the world try to create the most convincing fraud, trying to make a fortune. Let’s see the most common Black Friday scams, and the way to avoid them. How Do Scams Work? Fraudsters use […]

Intruders are developing more and more methods to get what they want. Social engineering is one of the most common methods through which fraudsters manage to deceive the user, manipulate him, and instill his fear and urgency. Once the victim is emotional, the fraudsters begin to cloud her judgment. Any human error is a vulnerability […]

Ransomware rarely chooses the sole type of targets for their attacks. They roam from attacks on small coffee shops to strikes on governmental organisations, with the corresponding adaptations to their software. However, all classic handbooks about offensive operations state that it is important to find a vulnerability of a target and exploit it. Such a […]

What is a Reverse Proxy? A reverse proxy is the same server but is in front of a web server. Depending on its configuration, it allows or refuses the external connection to reach the endpoint. Reverse proxies are used to improve security, performance, and reliability. To understand how a reverse proxy works and what benefits […]