If you have downloaded the VSDC multimedia editing software between late February to late March this year, there are high chances that your computer has been infected with a banking trojan and an information stealer.The official website of the VSDC software — one of the most popular, free video editing and converting app with over 1.3 million monthly visitors — was hacked, unfortunately once again.According to a new report Dr. Web published today and shared with The Hacker News, hackers hijacked the VSDC website and replaced its software download links leading to malware versions, tricking visitors into installing dangerous Win32.Bolik.2 banking trojan and KPOT stealer.
The malicious code planted on the website went unnoticed for almost a month—between 21 February 2019 and 23 March 2019—until researcher discovered it and notified VSDC developers of the threat.
Targeted users were served with a dangerous banking trojan designed to perform “web injections, traffic intercepts, key-logging and stealing information from different bank-client systems.”Moreover, the attackers changed the Win32.Bolik.2 trojan to KPOT Stealer, a variant of Trojan.PWS.Stealer, on March 22, which steals information from web browsers, Microsoft accounts, several messenger services and some other programs.
According to the researchers, at least 565 visitors downloaded VSDC software …