Gridinsoft Security Lab

What Is Trojan:Win32/Znyonm Detection?

Trojan:Win32/Znyonm

Stephanie Adlam · Mar 15, 2024 · 5 min read

Trojan:Win32/Znyonm is a detection often seen when backdoor malware is active in the background. Such malware can escalate privileges, enable…

What is Windows Defender Security Warning?

What is Microsoft Security Warning Scam?

Stephanie Adlam · Nov 8, 2023 · 6 min read

Fraudsters massively employ Microsoft Azure hosting to launch Microsoft Security scam pages. They range from a scary warning that blocks your browser window to phishing pages that are indistinguishable from the real ones. Let’s see the most typical types of these scams and their features. What is Windows Defender Security Warning? Fake Windows Defender Security Warning (Microsoft Security Warning) is a malicious attempt to deceive users into believing their system is compromised or at risk. In reality, these warnings are part of a…

Disable Windows Defender - Windows 10/11 Guide

How to Disable Windows Defender? Windows 10 & 11 Guide

Stephanie Adlam · Nov 8, 2023 · 6 min read

“Disable Windows Defender” has become particularly popular advice for users who want to speed up their computer. However, not all of those who give it mention the actual way to disable it. Moreover, this trick has become quite complicated with the Windows 11 release. Let’s figure out how to disable Windows Defender in both Windows 10 and 11, and also understand whether it is necessary at all. How to Disable Windows Defender in Windows 10/Windows 11 Despite some deep changes made…

Android:TrojanSMS-PA Detection - What is It?

What is Android:TrojanSMS-PA detection?

Stephanie Adlam · Oct 29, 2023 · 3 min read

Android:TrojanSMS-PA is a detection name from a built-in Huawei security tool. This particular name recently appeared as a detection of the Google app on Huawei devices. However, this name is not a 100% false positive, and here is why. What is Android:TrojanSMS-PA? As I said, Android:TrojanSMS-PA detection name is one of hundreds used by an antivirus tool that is built into the Huawei smartphones and tablets. Since the company ships the devices with their own builds of Android, that lack…

WinRAR RCE Vulnerability Exploited in the Wild

WinRAR Vulnerability Allows Arbitrary Code Execution

Stephanie Adlam · Oct 26, 2023 · 5 min read

Over the past few weeks, Google’s Threat Analysis Group (TAG) has reported a worrying trend. Experts have observed government-sponsored actors from different nations exploiting this WinRAR vulnerability as part of their operations. The vulnerability received an index of CVE-2023-38831. Even though a patch has since been released, many users remain vulnerable to potential attacks. WinRAR RCE Vulnerability Exploited Through a PNG File In August 2023, RARLabs, the developer of WinRAR, released an updated version that addressed several security-related issues. Among…

Professional Hacker Email Scam - Is it True?

“Professional Hacker” Email Scam Revealed & Explained

Stephanie Adlam · Oct 20, 2023 · 10 min read

Among hundreds of different types of scam emails, there is a specific scary one that bothers people around the world. Known as “Professional Hacker” scam email, it claims that an illusory hacker has accessed your PC and gathered whatever information, including capturing videos through the web camera. Message is accompanied by a ransom demand and threats to publish data if it is not paid. Professional Hacker Email Scam Overview Despite being a distinctive kind of email spam, “Professional Hacker” still…

Top 10 Computer Viruses Ever Existed

TOP 10 Most Dangerous Computer Viruses In History

Stephanie Adlam · Oct 13, 2023 · 6 min read

Computer viruses really resemble real ones. They can infect thousands of computers in a matter of minutes, which is why we call their outbreak an epidemic. It’s hard to imagine how we could live without antivirus software now, but once it was a reality. But which virus was the most dangerous? I’ve compiled a list of the 10 most dangerous viruses in history to remember how it all began. Let’s begin 😊 CIH Virus (1998) This virus was created by…

What is Aluc Service and How to Remove It?

Aluc Service: What Is Aluc App & How to Remove?

Stephanie Adlam · Oct 11, 2023 · 5 min read

Aluc Service is a strange service you can see in the Task Manager. It is, in fact, a malware-related process that hides behind a legitimate-looking name. Most commonly, such a trick is done by coin miner malware and rootkits. What is Aluc Service? At a glance, Aluc Service may look like a legit service among hundreds of ones running in Windows. However, even a tiny bit of research shows that it is not something common. No programs among well-known ones…

Exim 0-day Vulnerability Allows Executing Arbitrary Code

Exim Vulnerability Allows RCE, No Patches Available

Stephanie Adlam · Sep 29, 2023 · 3 min read

Exim Internet Mailer, a program massively used as a basis for mailing servers, appears to have a remote code execution vulnerability. By overflowing the buffer, hackers can make the program execute whatever code they need. Despite several reports to the developer, the patch is still not available. What is Exim? Exim is a mail transfer agent application for *NIX systems. Appeared back in 1995, it gained popularity as a free, open-source and flexible solution for mailing. Throughout the time, it…

RedLine and Vidar Developers Started Spreading Ransomware

Redline and Vidar Stealers Switch to Ransomware Delivery

Stephanie Adlam · Sep 20, 2023 · 5 min read

Cybercriminals who stand behind RedLine and Vidar stealers decided to diversify their activity. Now, crooks deploy ransomware, using the same spreading techniques as they used to deliver their spyware. Meanwhile, the process of ransomware enrollment is rather unusual and is full of advanced evasion techniques. What are Redline and Vidar Stealers? RedLine is an infostealer malware that appeared back in 2020, offered under Malware-as-a-service model. It is appreciated by cybercriminals for its wide functionality, that includes not only automated data…

GridinSoft Online File Virus Scanner Service

GridinSoft Launches Own Online Scanner Service – Meet Online Virus Scanner

Stephanie Adlam · Sep 18, 2023 · 3 min read

As a part of the GridinSoft team, I am proud to announce the public release of our own online virus scanner service! Now, you can scan the file and see all the information about it for free, by using GridinSoft Online Virus Checker. Let’s check out its key features and find out why it is better and when the scanner is the best option to use. GridinSoft Releases Free Online File Virus Scanner Checking a file you’ve just downloaded is…

Defending Against Whaling Phishing Attacks

What is Whaling Phishing and How To Recognize and Avoid It?

Stephanie Adlam · Sep 18, 2023 · 5 min read

Malicious actors know executives and high-level employees, such as public spokespersons, are familiar with common spam tactics. Due to their public profiles, they may have undergone extensive security awareness training, and the security team may have implemented stricter policies and more advanced tools to safeguard them. As a result, attackers targeting these individuals are forced to move beyond conventional phishing tactics such as Whaling Phishing and employ more sophisticated and targeted methods. What is Phishing? Phishing is a malicious practice…

W3LL attacks Microsoft 365 accounts, bypassing MFA

W3LL Targets Microsoft 365 Accounts with Sophisticated Phishing Kit

Stephanie Adlam · Sep 8, 2023 · 9 min read

In the ever-evolving landscape of cyber threats, crooks continually find new and inventive ways to exploit vulnerabilities and target valuable assets. One such threat that has recently garnered significant attention is “W3LL.” Next, we will tell you what it is, what it is known for, and how it succeeded in its business over 6 years without attracting the attention of law enforcement agencies. W3LL attacks Microsoft 365 accounts, bypassing MFA A relatively not new but little-known attacker group called “W3LL”…