Gridinsoft Security Lab

PUADIManager:Win32/OfferCore Detection Analysis & Removal Guide

What is PUADIManager:Win32/OfferCore? Analysis and Removal

Stephanie AdlamFeb 22, 20244 min read

PUADIManager:Win32/OfferCore is a detection of Microsoft Defender related to bundled software, specifically to a piece of code that is used…

Sextortion Scams Explained & Ways to Avoid

What is Sextortion? Explanation, Signs & Ways to Avoid

Stephanie AdlamDec 1, 20238 min read

Sextortion is a specific email phishing tactic that was around for quite some time. Over the last few years though its popularity skyrocketed, and some novice technologies make me concerned regarding possible sextortion approaches in future. Let me explain what I mean, what this scam is about, and how to detect and avoid it. What is Sextortion? The term “Sextortion” is rather self-explanatory, aside from the fact that this practice has been in use for a pretty long time. That…

Rude Stealer: Analysis of a Rare Java Malware

Rude Stealer Targets Data from Gamer Platforms

Stephanie AdlamNov 25, 20235 min read

A newly discovered Java-based stealer named Rude has emerged, encapsulated within a Java Archive (JAR) file. It employs a range of sophisticated functionalities and focuses on stealing sensitive data from gaming platforms such as Steam, Discord, and other browsers. Rude Stealer Overview In early November 2023, researchers identified a malicious JAR file labeled “Stealer.jar” on VirusTotal. Further analysis revealed that this file is an information stealer named Rude. Unlike a more common form of executable files, this malware is Java-based…

What is Windows Defender Security Warning?

What is Microsoft Security Warning Scam?

Stephanie AdlamNov 8, 20236 min read

Fraudsteds massively employ Microsoft Azure hosting to start Microsoft Security scam pages. They range from a scary warning that blocks your browser window to a phishing pages, indistinguishable from real. Let’s see the most typical types of these scams and their features. What is Windows Defender Security Warning? Fake Windows Defender Security Warning (Microsoft Security Warning) is a malicious attempt to deceive users into believing their system is compromised or at risk. In reality, these warnings are part of a…

Disable Windows Defender - Windows 10/11 Guide

How to Disable Windows Defender? Windows 10 & 11 Guide

Stephanie AdlamNov 8, 20236 min read

“Disable Windows Defender” has become a particularly popular advice to the users who want to speed up their computer. Though, not all of them mention the actual way to disable it. Moreover, this trick has become quite complicated with the Windows 11 release. Let’s figure out how to disable Windows Defender in both Windows 10 and 11, and also understand whether it is necessary at all. How to Disable Windows Defender in Windows 10/Windows 11 Despite some deep changes made…

Android:TrojanSMS-PA Detection - What is It?

What is Android:TrojanSMS-PA detection?

Stephanie AdlamOct 29, 20233 min read

Android:TrojanSMS-PA is a detection name from a built-in Huawei security tool. This particular name recently appeared as a detection of the Google app on Huawei devices. However, this name is not a 100% false positive, and here is why. What is Android:TrojanSMS-PA? As I said, Android:TrojanSMS-PA detection name is one of hundreds used by an antivirus tool that is built into the Huawei smartphones and tablets. Since the company ships the devices with their own builds of Android, that lack…

WinRAR RCE Vulnerability Exploited in the Wild

WinRAR Vulnerability Allows Arbitrary Code Execution

Stephanie AdlamOct 26, 20235 min read

Over the past few weeks, Google’s Threat Analysis Group (TAG) has reported a worrying trend. Experts have observed government-sponsored actors from different nations exploiting this WinRAR vulnerability as part of their operations. The vulnerability received an index of CVE-2023-38831. Even though a patch has since been released, many users remain vulnerable to potential attacks. WinRAR RCE Vulnerability Exploited Through a PNG File In August 2023, RARLabs, the developer of WinRAR, released an updated version that addressed several security-related issues. Among…

Professional Hacker Email Scam - Is it True?

“Professional Hacker” Email Scam Revealed & Explained

Stephanie AdlamOct 20, 202310 min read

Among hundreds of different types of scam emails, there is a specific scary one that bothers people around the world. Known as “Professional Hacker” scam email, it claims that an illusory hacker has accessed your PC and gathered whatever information, including capturing videos through the web camera. Message is accompanied by a ransom demand and threats to publish data if it is not paid. Professional Hacker Email Scam Overview Despite being a distinctive kind of email spam, “Professional Hacker” still…

Top 10 Computer Viruses Ever Existed

TOP 10 Most Dangerous Computer Viruses In History

Stephanie AdlamOct 13, 20236 min read

Computer viruses really resemble real ones. They can infect thousands of computers in a matter of minutes, which is why we call their outbreak an epidemic. It’s hard to imagine how we could live without antivirus software now, but once it was a reality. But which virus was the most dangerous? I’ve compiled a list of the 10 most dangerous viruses in history to remember how it all began. Let’s begin 😊 CIH Virus (1998) This virus was created by…

What is Aluc Service and How to Remove It?

Aluc Service: What Is Aluc App & How to Remove?

Stephanie AdlamOct 11, 20235 min read

Aluc Service is a strange service you can spectate in the Task Manager. It is, in fact, a malware-related process that hides behind a legitimately-looking name. Most commonly, such a trick is done by coin miner malware and rootkits. What is Aluc Service? At a glance, Aluc Service may look like a legit service among hundreds of ones running in Windows. However, even a tiny bit of research shows that it is not something common. No programs among well-known ones…

Exim 0-day Vulnerablity Allows Executing Arbitrary Code

Exim Vulnerability Allows RCE, No Patches Available

Stephanie AdlamSep 29, 20233 min read

Exim Internet Mailer, a program massively used as a basis for mailing servers, appears to have a remote code execution vulnerability. By overflowing the buffer, hackers can make the program execute whatever code they need. Despite several reports to the developer, the patch is still not available. What is Exim? Exim is a mail transfer agent application for *NIX systems. Appeared back in 1995, it gained popularity as a free, open-source and flexible solution for mailing. Throughout the time, it…

RedLine and Vidar Developers Started Spreading Ransomware

Redline and Vidar Stealers Switch to Ransomware Delivery

Stephanie AdlamSep 20, 20235 min read

Cybercriminals who stand behind RedLine and Vidar stealers decided to diversify their activity. Now, crooks deploy ransomware, using the same spreading techniques as they used to deliver their spyware. Meanwhile, the process of ransomware enrollment is rather unusual and is full of advanced evasion techniques. What are Redline and Vidar Stealers? RedLine is an infostealer malware that appeared back in 2020, offered under Malware-as-a-service model. It is appreciated by cybercriminals for its wide functionality, that includes not only automated data…

GridinSoft Online File Virus Scanner Service

GridinSoft Launches Own Online Scanner Service – Meet Online Virus Scanner

Stephanie AdlamSep 18, 20233 min read

As a part of the GridinSoft team, I am proud to announce the public release of our own online virus scanner service! Now, you can scan the file and see all the information about it for free, by using GridinSoft Online Virus Checker. Let’s check out its key features and find out why it is better and when the scanner is the best option to use. GridinSoft Releases Free Online File Virus Scanner Checking a file you’ve just downloaded is…