Gridinsoft Security Lab

Sihost.exe – What is It? Troubleshooting in Windows 10/11

Sihost.exe

Stephanie Adlam · Jun 20, 2024 · 4 min read

Sihost.exe is a crucial background process in Windows 11/10 that governs essential features like the context menu and action center.…

What to Do If I Got Scammed - Guide

What Should You Do When You Get Scammed?

Stephanie Adlam · Dec 27, 2023 · 7 min read

As online scams become not only more widespread but also more sophisticated, it is rather easy to become a victim of one. But what should you do in such a case? Is it possible to get your money back? Let me show you every step you should take. You Got Scammed – Where It All Ends? Before explaining the steps you should take after being scammed, I’d like to specify the starting point. And obviously, this point coincides…

Sextortion Scams Explained & Ways to Avoid

What is Sextortion? Explanation, Signs & Ways to Avoid

Stephanie Adlam · Dec 1, 2023 · 8 min read

Sextortion is a specific email phishing tactic that has been around for quite some time. Over the last few years, though, its popularity has skyrocketed, and some novel technologies make me concerned about possible sextortion approaches in the future. Let me explain what I mean, what this scam is about, and how to detect and avoid it. What is Sextortion? The term “Sextortion” is rather self-explanatory, aside from the fact that this practice has been in use for a pretty long time. That…

Rude Stealer: Analysis of a Rare Java Malware

Rude Stealer Targets Data from Gamer Platforms

Stephanie Adlam · Nov 25, 2023 · 5 min read

A newly discovered Java-based stealer named Rude has emerged, encapsulated within a Java Archive (JAR) file. It employs a range of sophisticated functionalities and focuses on stealing sensitive data from gaming platforms such as Steam, Discord, and other browsers. Rude Stealer Overview In early November 2023, researchers identified a malicious JAR file labeled “Stealer.jar” on VirusTotal. Further analysis revealed that this file is an information stealer named Rude. Unlike a more common form of executable files, this malware is Java-based…

What is Windows Defender Security Warning?

What is Microsoft Security Warning Scam?

Stephanie Adlam · Nov 8, 2023 · 6 min read

Fraudsters massively employ Microsoft Azure hosting to run Microsoft Security scam pages. They range from a scary warning that blocks your browser window to phishing pages indistinguishable from real ones. Let’s see the most typical types of these scams and their features. What is Windows Defender Security Warning? Fake Windows Defender Security Warning (Microsoft Security Warning) is a malicious attempt to deceive users into believing their system is compromised or at risk. In reality, these warnings are part of a…

Disable Windows Defender - Windows 10/11 Guide

How to Disable Windows Defender? Windows 10 & 11 Guide

Stephanie Adlam · Nov 8, 2023 · 6 min read

“Disable Windows Defender” has become particularly popular advice for users who want to speed up their computer. However, not all of them mention the actual way to disable it. Moreover, this trick has become quite complicated with the Windows 11 release. Let’s figure out how to disable Windows Defender in both Windows 10 and 11, and also understand whether it is necessary at all. How to Disable Windows Defender in Windows 10/Windows 11 Despite some deep changes made…

Android:TrojanSMS-PA Detection - What is It?

What is Android:TrojanSMS-PA detection?

Stephanie Adlam · Oct 29, 2023 · 3 min read

Android:TrojanSMS-PA is a detection name from a built-in Huawei security tool. This particular name recently appeared as a detection of the Google app on Huawei devices. However, this name is not a 100% false positive, and here is why. What is Android:TrojanSMS-PA? As I said, the Android:TrojanSMS-PA detection name is one of hundreds used by an antivirus tool that is built into Huawei smartphones and tablets. Since the company ships the devices with their own builds of Android, that lack…

WinRAR RCE Vulnerability Exploited in the Wild

WinRAR Vulnerability Allows Arbitrary Code Execution

Stephanie Adlam · Oct 26, 2023 · 5 min read

Over the past few weeks, Google’s Threat Analysis Group (TAG) has reported a worrying trend. Experts have observed government-sponsored actors from different nations exploiting this WinRAR vulnerability as part of their operations. The vulnerability received an index of CVE-2023-38831. Even though a patch has since been released, many users remain vulnerable to potential attacks. WinRAR RCE Vulnerability Exploited Through a PNG File In August 2023, RARLabs, the developer of WinRAR, released an updated version that addressed several security-related issues. Among…

Professional Hacker Email Scam - Is it True?

“Professional Hacker” Email Scam Revealed & Explained

Stephanie Adlam · Oct 20, 2023 · 10 min read

Among hundreds of different types of scam emails, there is a specific scary one that bothers people around the world. Known as the “Professional Hacker” scam email, it claims that an illusory hacker has accessed your PC and gathered all sorts of information, including videos captured through the web camera. The message is accompanied by a ransom demand and threats to publish the data if it is not paid. Professional Hacker Email Scam Overview Despite being a distinctive kind of email spam, “Professional Hacker” still…

Top 10 Computer Viruses Ever Existed

TOP 10 Most Dangerous Computer Viruses In History

Stephanie Adlam · Oct 13, 2023 · 6 min read

Computer viruses really resemble real ones. They can infect thousands of computers in a matter of minutes, which is why we call their outbreak an epidemic. It’s hard to imagine how we could live without antivirus software now, but once it was a reality. But which virus was the most dangerous? I’ve compiled a list of the 10 most dangerous viruses in history to remember how it all began. Let’s begin 😊 CIH Virus (1998) This virus was created by…

What is Aluc Service and How to Remove It?

Aluc Service: What Is Aluc App & How to Remove?

Stephanie Adlam · Oct 11, 2023 · 5 min read

Aluc Service is a strange service you can spot in the Task Manager. It is, in fact, a malware-related process that hides behind a legitimate-looking name. Most commonly, such a trick is used by coin miner malware and rootkits. What is Aluc Service? At a glance, Aluc Service may look like a legit service among the hundreds running in Windows. However, even a tiny bit of research shows that it is not something common. No programs among well-known ones…

Exim 0-day Vulnerability Allows Executing Arbitrary Code

Exim Vulnerability Allows RCE, No Patches Available

Stephanie Adlam · Sep 29, 2023 · 3 min read

Exim Internet Mailer, a program widely used as a basis for mail servers, appears to have a remote code execution vulnerability. By overflowing a buffer, hackers can make the program execute whatever code they need. Despite several reports to the developer, a patch is still not available. What is Exim? Exim is a mail transfer agent application for *NIX systems. Having appeared back in 1995, it gained popularity as a free, open-source and flexible solution for mailing. Over time, it…

RedLine and Vidar Developers Started Spreading Ransomware

Redline and Vidar Stealers Switch to Ransomware Delivery

Stephanie Adlam · Sep 20, 2023 · 5 min read

Cybercriminals who stand behind the RedLine and Vidar stealers have decided to diversify their activity. Now, the crooks deploy ransomware using the same spreading techniques they used to deliver their spyware. Meanwhile, the ransomware deployment process is rather unusual and full of advanced evasion techniques. What are Redline and Vidar Stealers? RedLine is an infostealer malware that appeared back in 2020, offered under a Malware-as-a-Service model. It is appreciated by cybercriminals for its wide functionality, which includes not only automated data…