The Security Blog From Gridinsoft
3 Unpopular Malware Spreading Ways in 2023
The modern Internet space is like an endless ocean, where every wave can hide a danger. If you think you…
Visual Studio Code Malicious Plugins Steal Personal Data
Some plugins for Visual Studio Code, a popular code editing tool developed by Microsoft, appear to have malicious code. In…
Infostealer Malware: Top Stealers in 2024
The cybercrime world changes rapidly: expanding, collapsing, and evolving both extensively and intensively. One of the most massive malware types…
Trend Micro: Millions of Android Devices Contain Malware Right in the Firmware
Trend Micro analysts presented an interesting report at the Black Hat Asia conference: according to their information, millions of Android…
RedLine Stealer Issues 100,000 Samples – What is Happening?
Throughout early May 2023, the GridinSoft analyst team observed anomalous activity from RedLine stealer. It is, actually, an…
Hack group REvil deceived their partners due to a backdoor
The researchers found that the creators of REvil deceived their partners using a scheme that allowed them to decrypt any systems blocked by the ransomware and take the entire ransom…
FBI Kept Secret Key To Decrypt Data After REvil Attacks
Journalists at The Washington Post found out how the FBI obtained the key to decrypt the data affected in the REvil ransomware attacks. First, should be…
BlackMatter ransomware attacked American farmers from NEW Cooperative
The BlackMatter ransomware attacked the American farmers' organization NEW Cooperative, which produces feed and grain and also works in the fields of agronomy, energy and software for farmers. The…
Epik hoster hack affected 15 million users, not just the company’s clients
Last week, Anonymous hacktivists reported hacking the database of the domain registrar and hoster Epik, which was previously often criticized for hosting “right-wing” sites including 8chan, Gab, Parler…
Added utility for decrypting data after REvil attacks
The Romanian company Bitdefender has published a universal utility for decrypting data affected by REvil (Sodinokibi) ransomware attacks. The tool works for any data encrypted before July 13, 2021. However,…
Anonymous hacktivists attacked the Epik hoster with the right-wing radical sites
Anonymous hacktivists hacked into the database of the domain registrar and hoster Epik, which was previously often criticized for hosting right-wing sites including 8chan, Gab, Parler and The Donald. The…
SpookJS Attack Allows to Bypass Site Isolation In Google Chrome
A group of scientists from universities in Australia, Israel and the United States has presented a side-channel attack that allows recovering data from Google Chrome and Chromium-based browsers protected by…
REvil ransomware resumed attacks
Last week, the infrastructure of REvil (Sodinokibi) returned online after months of downtime, and now the ransomware has resumed attacks. The fact is that in July 2021, the hack group…
PoC exploit published for fresh vulnerability in Ghostscript
A PoC exploit for a fresh vulnerability in Ghostscript was presented this week. The issue endangers all servers using this component. The exploit was published by a Vietnamese information security…
US authorities accused Ukrainian citizen of running a brute force botnet
The US authorities accused a Ukrainian citizen of hacking: they reported that 28-year-old Ukrainian citizen Gleb Ivanov-Tolpintsev had been extradited from Poland and accused of selling access to hacked…
Servers of the hack group REvil are back online
In July 2021, the infrastructure of REvil (Sodinokibi) was turned off without explanation, but now information security specialists have noticed that the REvil servers are back online. It was…
FBI experts say that this year “sextortion” brought scammers more than $8 million
Experts from the FBI Internet Fraud Complaints Center (IC3) spoke about increased activity by fraudsters in the field of so-called “sextortion”. To denote such activity, the term sextortion is…