The official website of VSDC, one of the most used free video edition and conversion services (with almost 1.5 million visitors per month) has been hacked once again, reported cyber forensics course specialists from the International Institute of Cyber Security (IICS).
According to reports, a group of hackers would have
hijacked the VSDC website, replacing the legitimate software download links
with versions infected with two malware
variants: a malicious banking Trojan
(Win32. Bolik. 2) and an information theft malware (KPOT).
Although VSDC is a really popular tool among
media content editors, its website operates and offers software download
through an unsecured HTTP connection.
Experts are still unaware of the method hackers
used to attack the website this time, but the first investigations into the
incident have revealed some relevant data. According to cyber forensics course
specialists, a malicious JavaScript code was found on the company’s website,
designed to verify visitor location; the reports indicate that the attack was
directed only against VSDC users based in the United States, Australia, the
United Kingdom and Canada.
Malicious JavaScript remained hosted on the
VSDC website almost a month (from February 21 to March 23), until it was finally
detected. According to cyber forensics course experts, at least 565 visitors
downloaded the Trojan during the time the website remained infected; also,
other 80 users would have downloaded the information theft malware.
The VSDC website has been hacked multiple
times. In 2018, a group of hackers managed to gain administrative access to the
website and replaced the download links to inject some malware variants into
the victims’ devices, such as AZORult, X Keylogger, and the backdoor DarkVNC.
VSDC has recommended users concerned about the
security of their systems to perform an antivirus scan on their devices to find
any possible traces of infection; changing passwords for online banking
services, email and social networking platforms is also recommended.
