Gridinsoft Security Lab

Trojan:Script/Ulthar.A!ml is a detection of Windows Defender that identifies as a trojan. It specifically refers to a script-based malicious program. However, it can often turn out to be a false positive, and antivirus programs label harmless files as malicious. Let’s understand what this detection is and why it can be false. What is Trojan:Script/Ulthar.A!ml? Trojan:Script/Ulthar.A!ml […]

Bitfiat is a malicious coin miner that exploits your computer’s hardware to mine cryptocurrencies. Such malware takes as much resources as it can, making the system impossible to use. Let’s see what this malware is, and how to remove it. Bitfiat Overview The Bitfiat process is related to the activity of a malicious coin miner. […]

Trojan:Script/Phonzy.B!ml is a generic detection name used by Microsoft Defender for a dangerous loader malware. This threat primarily functions as a dropper, downloading and executing additional malicious payloads onto infected systems. In numerous documented infection cases, Phonzy trojan has been observed delivering banking trojans designed to steal financial credentials. Attribute Details Threat Name Trojan:Script/Phonzy.B!ml Type […]

SYSDF is a ransomware-type program that belongs to the Dharma malware family. Such malicious software aims mainly at small companies, aiming at file encryption with further requests for ransom payment for their decryption. It was originally discovered by Jakub Kroustek on February 16, 2024. What is SYSDF Ransomware? SYSDF ransomware is a yet another example […]

Vmmem, short for “Virtual Machine Memory“, is a process that indicates the resource utilization by virtual machines on your system. It operates in tandem with virtual machines and remains inactive without any virtual machine activity. However, suppose you observe high CPU and memory consumption by the vmmem process. In that case, your virtual machine is […]

Public release of ChatGPT made a sensation back in 2022; it is not an exaggeration to say it is a gamechanger. However, the scammers go wherever large numbers of people do. Fake ChatGPT services started popping up here and there, and this is not going to be over even nowadays. So, what is ChatGPT virus? […]

A new Windows malware called Ov3r_Stealer is spreading through fake Facebook job ads, according to a report by Trustwave SpiderLabs. The malware is designed to steal sensitive information and crypto wallets from unsuspecting victims. Let’s delve into the mechanics of these deceptive ads, and Ov3r_Stealer. Ov3r_Stealer Abuses Facebook Job Ads Scammers use elaborate job ads […]

Tax season has already begun, and so did tax season scams. The IRS annually lists its top tax scams to help taxpayers protect themselves. Most tax season scams involve identity theft, but there could be a lot of other consequences. Awareness of these schemes can help consumers protect themselves, and we will go into more […]

Recent research uncovers a new sample of Mispadu malware that uses a SmartScreen bypass flaw to integrate itself into the system. This banking trojan from 2019 uses the vulnerability discovered in late 2023 to target mainly LATAM users. Mispadu Trojan Uses SmartScreen Bypass The extensive research regarding Mispadu malware done by Unit 42, among other […]

CrackedCantil is a unique dropper malware sample that operates with a wide variety of malware families. Infecting with one may effectively mean up to five other malware types running in the system. Let’s break down on what it is, how it spreads, and why it is so dangerous. What is CrackedCantil? CrackedCantil is a dropper […]

Bootkit is a rather unusual and unspoken, though widely used kind of malware. These advanced malware types operate beneath the surface, embedding themselves in a computer’s boot sector, allowing them to activate before the operating system (OS) even starts. But why do they need such a deep integration? And where are they used? Let’s find […]

TikTok shopping scams is a new attack vector on online shoppers. Immense popularity of the Chinese social network led to addition of shopping functionality to the application. This, however, attracted fraudulent actors who aim at parasitizing on peoples’ unawareness about potential scams. In this article, I am going to explain how these scams work, and […]