Gridinsoft Security Lab

Trojan:Script/Phonzy.B!ml is a generic detection name used by Microsoft Defender for a dangerous loader malware. This threat primarily functions as a dropper, downloading and executing additional malicious payloads onto infected systems. In numerous documented infection cases, Phonzy trojan has been observed delivering banking trojans designed to steal financial credentials. Attribute Details Threat Name Trojan:Script/Phonzy.B!ml Type […]

SYSDF is a ransomware-type program that belongs to the Dharma malware family. Such malicious software aims mainly at small companies, aiming at file encryption with further requests for ransom payment for their decryption. It was originally discovered by Jakub Kroustek on February 16, 2024. What is SYSDF Ransomware? SYSDF ransomware is a yet another example […]

Vmmem, short for “Virtual Machine Memory“, is a process that indicates the resource utilization by virtual machines on your system. It operates in tandem with virtual machines and remains inactive without any virtual machine activity. However, suppose you observe high CPU and memory consumption by the vmmem process. In that case, your virtual machine is […]

Public release of ChatGPT made a sensation back in 2022; it is not an exaggeration to say it is a gamechanger. However, the scammers go wherever large numbers of people do. Fake ChatGPT services started popping up here and there, and this is not going to be over even nowadays. So, what is ChatGPT virus? […]

A new Windows malware called Ov3r_Stealer is spreading through fake Facebook job ads, according to a report by Trustwave SpiderLabs. The malware is designed to steal sensitive information and crypto wallets from unsuspecting victims. Let’s delve into the mechanics of these deceptive ads, and Ov3r_Stealer. Ov3r_Stealer Abuses Facebook Job Ads Scammers use elaborate job ads […]

Tax season has already begun, and so did tax season scams. The IRS annually lists its top tax scams to help taxpayers protect themselves. Most tax season scams involve identity theft, but there could be a lot of other consequences. Awareness of these schemes can help consumers protect themselves, and we will go into more […]

Recent research uncovers a new sample of Mispadu malware that uses a SmartScreen bypass flaw to integrate itself into the system. This banking trojan from 2019 uses the vulnerability discovered in late 2023 to target mainly LATAM users. Mispadu Trojan Uses SmartScreen Bypass The extensive research regarding Mispadu malware done by Unit 42, among other […]

CrackedCantil is a unique dropper malware sample that operates with a wide variety of malware families. Infecting with one may effectively mean up to five other malware types running in the system. Let’s break down on what it is, how it spreads, and why it is so dangerous. What is CrackedCantil? CrackedCantil is a dropper […]

Bootkit is a rather unusual and unspoken, though widely used kind of malware. These advanced malware types operate beneath the surface, embedding themselves in a computer’s boot sector, allowing them to activate before the operating system (OS) even starts. But why do they need such a deep integration? And where are they used? Let’s find […]

TikTok shopping scams is a new attack vector on online shoppers. Immense popularity of the Chinese social network led to addition of shopping functionality to the application. This, however, attracted fraudulent actors who aim at parasitizing on peoples’ unawareness about potential scams. In this article, I am going to explain how these scams work, and […]

In the intricate landscape of cybersecurity, comprehending the various forms of malware is crucial. This article offers an in-depth look at the most pervasive malware types, from Loaders to Keyloggers. We’ll explore their mechanisms, impacts, and how they compromise digital security, providing you with the knowledge to better safeguard against these ever-evolving cyber threats. Let’s […]

PUABundler:Win32/PiriformBundler is the detection of an unwanted program, developed and issued by Piriform Software. While applications from this developer aren’t inherently malicious, the bundled software they carry and their questionable behavior make them less than desirable. What is PUABundler:Win32/PiriformBundler? PiriformBundler is a detection name for unwanted software developed by Piriform. Microsoft assigns such names to […]