The webpage of VSDC, popular video editing software is hacked, users get infected with Trojan

The official website of VSDC, one of the most used free video edition and conversion services (with almost 1.5 million visitors per month) has been hacked once again, reported cyber forensics course specialists from the International Institute of Cyber Security (IICS). 

According to reports, a group of hackers would have hijacked the VSDC website, replacing the legitimate software download links with versions infected with two malware variants: a malicious banking Trojan (Win32. Bolik. 2) and an information theft malware (KPOT).

Although VSDC is a really popular tool among media content editors, its website operates and offers software download through an unsecured HTTP connection.

Experts are still unaware of the method hackers used to attack the website this time, but the first investigations into the incident have revealed some relevant data. According to cyber forensics course specialists, a malicious JavaScript code was found on the company’s website, designed to verify visitor location; the reports indicate that the attack was directed only against VSDC users based in the United States, Australia, the United Kingdom and Canada.

Malicious JavaScript remained hosted on the VSDC website almost a month (from February 21 to March 23), until it was finally detected. According to cyber forensics course experts, at least 565 visitors downloaded the Trojan during the time the website remained infected; also, other 80 users would have downloaded the information theft malware.

The VSDC website has been hacked multiple times. In 2018, a group of hackers managed to gain administrative access to the website and replaced the download links to inject some malware variants into the victims’ devices, such as AZORult, X Keylogger, and the backdoor DarkVNC.

VSDC has recommended users concerned about the security of their systems to perform an antivirus scan on their devices to find any possible traces of infection; changing passwords for online banking services, email and social networking platforms is also recommended.