Gridinsoft Security Lab

Bitfiat Coin Miner Malware - Overview & Removal Guide

Bitfiat Process High CPU – Explained & Removal Guide

Stephanie Adlam | Feb 28, 2024 | 4 min read

Bitfiat is a malicious coin miner that exploits your computer’s hardware to mine cryptocurrencies. Such malware takes as many resources…

Ov3r_Stealer Malware Spreads Through Facebook Job Listings

Ov3r_Stealer Steals Crypto and Credentials, Exploits Facebook Job Ads

Stephanie Adlam | Feb 8, 2024 | 5 min read

A new Windows malware called Ov3r_Stealer is spreading through fake Facebook job ads, according to a report by Trustwave SpiderLabs. The malware is designed to steal sensitive information and crypto wallets from unsuspecting victims. Let’s delve into the mechanics of these deceptive ads and of Ov3r_Stealer.

Ov3r_Stealer Abuses Facebook Job Ads

Scammers use elaborate job ads posted on Facebook. These seem legitimate at first glance and target a wide range of job seekers with the promise of lucrative opportunities. As the…

Tax Season Scams in 2024: What Should You Expect

Tax Season Scams On The Rise, Beware!

Stephanie Adlam | Feb 6, 2024 | 6 min read

Tax season has already begun, and so have tax season scams. The IRS annually lists its top tax scams to help taxpayers protect themselves. Most tax season scams involve identity theft, but there could be a lot of other consequences. Awareness of these schemes can help consumers protect themselves, and we will go into more detail about that now.

Tax Season Scams

Tax season began on Jan. 29, when the Internal Revenue Service (IRS) started receiving and processing 2023 federal…

Mispadu Stealer Exploits Windows SmartScreen Flaw, Targets LATAM

Mispadu Banking Trojan Exploits SmartScreen Flaw

Stephanie Adlam | Feb 5, 2024 | 4 min read

Recent research uncovers a new sample of Mispadu malware that uses a SmartScreen bypass flaw to integrate itself into the system. This banking trojan from 2019 uses the vulnerability discovered in late 2023 to target mainly LATAM users.

Mispadu Trojan Uses SmartScreen Bypass

The extensive research regarding Mispadu malware done by Unit 42, among other things, underscores the use of a critical vulnerability in Windows to circumvent SmartScreen protection. The flaw, known as CVE-2023-36025, was detected and fixed by Microsoft…

CrackedCantil Dropper Malware Symphony

CrackedCantil Dropper Delivers Numerous Malware

Stephanie Adlam | Feb 2, 2024 | 6 min read

CrackedCantil is a unique dropper malware sample that operates with a wide variety of malware families. Infection with it may effectively mean up to five other malware types running in the system. Let’s break down what it is, how it spreads, and why it is so dangerous.

What is CrackedCantil?

CrackedCantil is a dropper malware discovered and described by the malware analyst LambdaMamba. The name of this malware derives from two parts. “Cracked” for software cracks, is the primary…

Definition of Bootkit

What is a Bootkit? Explanation & Protection Guide

Stephanie Adlam | Jan 26, 2024 | 5 min read

A bootkit is a rather unusual and rarely discussed, though widely used, kind of malware. These advanced malware types operate beneath the surface, embedding themselves in a computer’s boot sector, allowing them to activate before the operating system (OS) even starts. But why do they need such a deep integration? And where are they used? Let’s find out.

What is a Bootkit?

A bootkit is a sophisticated type of malware that starts and operates even before the operating system starts – during…

TikTok Shopping Scams Gaining Momentum - How to Avoid?

TikTok Shopping Scams On The Rise: Tips to Avoid

Stephanie Adlam | Jan 23, 2024 | 6 min read

As TikTok evolves into a digital marketplace, its shopping feature presents a new terrain ripe with opportunities. However, this shift includes certain risks, particularly for the youthful demographic, who are TikTok’s target audience and are not always well-informed about fraud on trading platforms. Let’s find out what shopping scams on TikTok are and what you need to know to avoid being deceived by scammers.

The Rise of TikTok as a Shopping Hub

TikTok, known for its engaging content, has evolved into…

PUABundler:Win32/CandyOpen Malware Removal Guide

PUABundler:Win32/CandyOpen Analysis & Removal Guide

Stephanie Adlam | Jan 11, 2024 | 4 min read

PUABundler:Win32/CandyOpen is an unwanted program that acts as a browser hijacker and can download junk apps to your system. Specifically, it points to OpenCandy adware, which is known for its indecent behavior. Let’s break it down and see what PUABundler/CandyOpen is, using a real-world example.

What is PUABundler:Win32/CandyOpen?

As I’ve said in the introduction, CandyOpen is a detection name for a specific program that spreads bundles with unwanted programs. It was developed back in the late…

7 Most Common Types of Malware Explained

Seven Common Types of Malware – Analysis & Description

Stephanie Adlam | Jan 3, 2024 | 12 min read

In the intricate landscape of cybersecurity, comprehending the various forms of malware is crucial. This article offers an in-depth look at the most pervasive malware types, from Loaders to Keyloggers. We’ll explore their mechanisms, impacts, and how they compromise digital security, providing you with the knowledge to better safeguard against these ever-evolving cyber threats. Let’s start by understanding what malware is. Malware is malicious software that can harm your computer and data. Some potentially unwanted or malicious applications may also…

PUABundler:Win32/PiriformBundler - How to Remove?

PUABundler:Win32/PiriformBundler

Stephanie Adlam | Dec 29, 2023 | 4 min read

PUABundler:Win32/PiriformBundler is the detection of an unwanted program, developed and issued by Piriform Software. While applications from this developer aren’t inherently malicious, the bundled software they carry and their questionable behavior make them less than desirable.

What is PUABundler:Win32/PiriformBundler?

PiriformBundler is a detection name for unwanted software developed by Piriform. Microsoft assigns such names to denote a group of malware or unwanted software with common traits. Other malware with similar naming conventions may share functionality or code solutions, while those…

Rugmi Loader Surfaces, Spreads Infostealers

Novice Rugmi Loader Delivers Various Spyware

Stephanie Adlam | Dec 28, 2023 | 5 min read

The threat landscape meets a new player – Rugmi Loader. This threat specializes in spreading spyware, and is in fact capable of delivering any malware type. Rugmi boasts an unusual structure, which makes it rather promising among other loaders.

What is Rugmi Loader?

Rugmi is a complex loader with multiple components that deliver information stealers. According to the report, in October and November 2023 alone, Rugmi detections have multiplied. Initially observed with only a few detections, Rugmi has…

What to Do If I Got Scammed - Guide

What Should You Do When You Get Scammed?

Stephanie Adlam | Dec 27, 2023 | 7 min read

As online scams become not only more widespread, but also more sophisticated, it appears to be rather easy to become a victim of one. But what should you do in such a case? Is it possible to get your money back? Let me show you every step you should take.

You Got Scammed – Where It All Ends?

Before explaining the steps you should take after being scammed, I’d like to specify the starting point. And obviously, this point coincides…

What is Trojan:Win32/Wacatac? Threat Analysis

What is Trojan Wacatac? Analysis Wacatac.B!ml & Protection

Stephanie Adlam | Dec 21, 2023 | 8 min read

Trojan Wacatac is an umbrella detection for a wide range of malicious software that shares functionality and code. In particular, the Wacatac name points to malware with dropper capabilities that are used to deliver ransomware.

Trojan Wacatac Detection Overview

Win32/Wacatac detection is one of the numerous detection names that Microsoft assigns to minor malware families. A lot of similar-yet-different malicious software received this name because of the use of the same code solutions and similar functionality. Microsoft’s name often becomes…