VSDC Download Link on CNET Compromised to Distribute Malware

Last updated June 23, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer
Source: videosoftdev.com

The download link of the VSDC video editor software on the CNET’s Downloads webpage has been compromised by malicious actors, resulting in the downloading of thousands of infected installers. The hackers have set up a spoofed domain on “downloads[.]videosfotdev[.]com”, which contains the installer of the video editing software, but is also bundled with a trojan. The discovery was made by the Dr. Web Antivirus team of researchers, and the malicious file is identified as “BackDoor.TeamViewer”. A script in the trojan enables the file to bypass the Microsoft Windows Defender protection and to establish communication with the C2 server.

From there, additional payloads and modules are fetched. The researchers have noticed an X-Key Keylogger, Predator The Thief stealer, SystemBC trojan-proxy, and a trojan for remote control over RDP protocol. By looking into the online repositories that are used for the downloading of the additional payloads, the researchers noticed a fake NordVPN installer too, and it even comes with a valid digital signature. For a full list of the indicators of compromise that concern this campaign, you may take a look at this GitHub page.

Those who have been following the news section here, you may remember that this is not the first time that VSDC becomes the target of malicious actors. Back on April 12, 2019, the same team of researchers discovered that hackers had replaced the original installer of the video editor with banking trojans. The malicious files were downloaded by at least 600 people before the software’s team cleaned the download page, but in the case of the CNET, the victim count could be a lot higher. Dr. Web informed VSDC again, they contacted CNET, and the link was restored to point to the legitimate website now.

All that said, one could be wondering why crooks insist on targeting VSDC and what’s so special about it. Simply put, it’s one of the most capable and feature-rich video editor, video converter, audio converter, and CD ripper that is free of charge and doesn’t come with annoying ads. To the contrary, it comes with an easy to use contemporary user interface, performs both reliably and speedy, and supports the vast majority of video and audio formats in existence. Thus, VSDC generates a lot of interest, and there is always a good number of people who are looking to download it.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: