VSDC Video Editor team suffers from the attack causing redirects on their main website
The second week of July 2018 came with an unexpected statemet from the VSDC Video Editor team reporting about the attack detected on their website. The company ensured its users that everything is under control and that attackers have already been stopped. Trying to be fully transparent, they also assured people that they are ready to take full responsibility for these events if someone of them got harmed.
However, the most shocking thing is that this attack was the third one in a few months already. The same raids were reported on June and at the beginning of July.
It seems that the main purpose of such hacking activity was to redirect people to predetermined websites. When people were willing to download VSDC-provided software, the download links redirected them to servers operated by cybercriminals. According to researchers, the first and the last redirects were the most harmful ones and are believed to affect people from more than 30 countries.
Time and links used for redirects:
June 18 : The site is set to redirect users to hxxp://126.96.36.199/_files/file.php
July 2 : The download link is changed to hxxp://drbillbailey.us/tw/file.php
July 6: Download link redirects to hxxp://drbillbailey.us/tw/file.php
Alexander Galkin, VSDC Project Manager, released a public statement regarding the last incident. The team ensured people that they did their research and had revealed everything what they needed about this hack. According to the statement, the hacker is located in Lithuania, and the company is already aware of his IP address.
VSDC team is also stating that they have restored source files of the website, and deleted the fake ones that caused issues. They also changed passwords and have warned their users that 10-12 character passwords are not enough, so they made new and more complex ones. When it comes to precautionary security measures, the company employed a special anti-virus tool installed on the server which checks all the files for validity. Also, the team introduced two-way authentication of access.
Data breaches are becoming common these days
Not every company is transparent like the VSDC Video Editor team. This month, web hosting company from Germany, DomainFactory, released a statement confirming the data breach from January. This was an unusual incident because the attacker, who broke into the company's servers, attempted to access information about the customer who owed him money. While such an attack was illegal, the attacker informed security team about the vulnerability. However, the company decided to remain silent about this issue and kept silent for half a year.
Past month, security experts also announced the news about a hacker who gained access to GitHub account of the Syscoin cryptocurrency and replaced the official Windows client with malware-infected version. This malware specialized in stealing passwords and wallet keys, and was detected as Trojan:Win32/Feury.B!cl.
There is a way of protecting your system
The best way of avoiding threats is knowledge and precautionary measures. If you want to be safe individually or keep your company, business safe from these unfortunate incidents, you should perform these actions:
- Update your OS and software frequently. This keeps cybercriminals from gaining easy access to your PC through vulnerabilities in outdated programs;
- Download anti-virus and anti-malware programs. Do not forget to update them in time as well;
- Avoid free wi-fi. It can be a good source for hackers to download malicious files on your PC;
- Change your passwords to complex and difficult ones. Do not use similar or the same ones for more than two accounts. Choose at least 10-15 character combinations from letters in upper and lower case, numbers;
- Keep your important information on remote devices, servers. Most importantly, do not keep sensitive information on your work computer.