April 11, 2019
VSDC is a popular, free software for editing video and sound. According to SimilarWeb statistics, monthly visits of the VSDC website come close to 1.3 million users. However, the security measures taken by the website’s developers often turn out to be insufficient for such traffic volume, which endangers a large number of people.
Users that downloaded software from that website also received a dangerous banking trojan, Win32.Bolik.2. Same as its predecessor, Win32.Bolik.1, this malware has qualities of a multicomponent polymorphic file virus. Trojans of this family are designed to perform web injections, traffic intercepts, key-logging and stealing information from different bank-client systems. At the moment we have information on at least 565 cases of infection with this trojan via videosoftdev.com site. It’s worth mentioning that so far only Dr.Web products successfully detect all the trojan’s components.
Additionally, on 22.03.2019 the attackers changed the Win32.Bolik.2 trojan to another malware, a variation of the Trojan.PWS.Stealer, KPOT Stealer. This trojan steals information from browsers, Microsoft accounts, several messengers and some other programs. In just one day it was downloaded by 83 users.
The VSDC developers were notified about the threat; and at the present moment, download links were restored to the originals. However, Doctor Web experts recommend that all VSDC users check their devices with our antivirus.
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.