The popular, and free, multimedia editor VSDC has been breached for the second time in one year. This time the download link is being used to distribute a banking trojan and an information stealer. According to researchers, the hackers are causing visitors to download the banking trojan “win32.bolik.2” and the information stealer “Trojan.PWS.Stealer” when the editing software is downloaded. VSDC’s website has an average of 1.3 million visitors each month, which makes this attack extremely serious. Users that have downloaded and launched the editing software have potentially infected their systems with a multicomponent polymorphic banking trojan. The banking trojan is designed to intercept web traffic, perform web injections, key log and steal information from installed banking systems. The information stealer has been seen to copy several messenger programs, information from browsers, Microsoft accounts, and several other programs. The VSDC developers have been notified of the breach and are currently working to restore the download links to the correct one. A VSCD representative issued the following statement, “At this moment, all of our website visitors and software users have no reasons to be worried.”
Analyst Notes
If the user has downloaded the editor then it should be removed from the user’s system and antivirus and malware scanners should be run in the highest level possible. After that is completed, the user should download a new editor from a trusted and safe source.
