Protect your PC

Hackers Copy NordVPN’s Website to Spread Bank Trojan

Users Hoped for Security, Ended Up with Malware

Cyber criminals have found an effective way to distribute malicious software, and users are none the wiser. By copying the popular VPN (virtual private network) website for NordVPN, users believe they are using something that is meant to boost their security. Instead, they are downloading a bank trojan.

Now, one may think they cannot be dupped by a fictitious website but these hackers are good. Not only did they replicate the site entirely, but they also added a valid SSL certificate, which helps the fake website appear more legitimate while also allowing it to bypass browser security checks.

Tricky? Yes, yes indeed.

What is a VPN?

As mentioned earlier, a VPN is a virtual private network. However, that still doesn’t exactly state what it does. Take a firewall, for example, that helps to protect your data on your computer. A VPN does the same but does so online. By utilizing a VPN, users are able to securely access a private network and share data on public networks.

Don’t Fall Victim

The best way to avoid these scams is two-fold. First, when you visit a website, type the URL into the address bar instead of searching for the URL on a search engine. Often times, even if they are malicious, websites will show up in the search results. For instance, if you wanted to go to espn.com, type in www.espn.com in the browser’s address bar. Do not go to google.com and search ESPN. Granted you’ll likely go to the correct place, but you also may end up on a spoofed site. So, searcher beware.

Also, deploy a security solution that uses an application whitelist. By running a whitelist, only known trusted programs are permitted to execute. Therefore, if you find yourself somewhere you shouldn’t be — the malware still cannot run, because it has not been tested and proven secure.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles