Categories: Ad Guardian Plus

Malware disguised as one of most used VPNs

A dangerous trojan replaced a popular VPN. The cybercriminals cloned the genuine website in order to trick visitors into downloading the dangerous trojan.

Researchers at Doctor Web discovered a harmful banking trojan disguised as the popular virtual private network, NordVPN. Win32.Bolik.2 was hidden alongside VPN downloads, from a website designed to be mistaken for the official NordVPN’s site.

The criminals behind the fake managed to both obtain a visual similarity to the original website and domain name, but also a valid SSL certificate, thanks to Let’s Encrypt, which allowed the fake website past browser security checks.

The website also came with the actual offer of the genuine website ($2.99/month), for three years. This is the second time the group strikes after the same hackers hid a banking trojan in the cloned sites of different corporate office programs. Then, they were caught distributing the file via a hacked free video editing service – VSDC.

The trojan sneaks in alongside a legitimate copy of the VPN or office software from these fake sites to steal data from clueless victims.

Doctor Web explained that “The Win32.Bolik.2 trojan is an improved version of Win32.Bolik.1 and has qualities of a multicomponent polymorphic file virus. Using this malware, hackers can perform web injections, traffic intercepts, keylogging and steal information from different bank-client systems.”

Doctor Web mentioned that the malware has been primarily targeted at English-speaking audiences, and the fake NordVPN page has already been visited thousands of times.

Laurentiu Titei

View Comments

Recent Posts

Best Free Cache Cleaner Software for Windows 10 and 11 PC

Do you remember how fast your computer was when it was new? It could complete…

2 days ago

Best Methods to Duplicate Word Documents in 2025

Many users duplicate Word documents to secure a backup, avoid overwrites or accidental deletions in…

2 days ago

What Is Windows Update and How to Block it with Windows Update Blocker

Computer systems are unpredictable. No one can predict how they behave after an update. .…

3 days ago

Top Cloud Security Tools and Technologies

Storing information and data online on cloud services has become common for businesses and organizations.…

3 days ago

Best Free Registry Cleaner Software for Windows 10, 11 PC in 2025

We offer you a list of the best registry cleaner computer programs. They will enable…

3 days ago

Best Free PC Cleaner and Optimizer for Windows 10, 11 in 2025

In this comprehensive overview, we delve into the best free PC cleaner and optimizer tools…

3 days ago