Crafty. Nobody ever said hackers were necessarily a lazy or uninspired bunch. Their ethics, not so great, but their methods for manipulating people into downloading their malware are growing sharper.
I can’t say for sure whether people as a whole are growing more alert or sophisticated in their resistance to common digital trickery. People still do an awful lot of dumb things, and the common (though less exciting and sexy) method by which hackers gain entry is simple social engineering or mimicry.
Creating a lookalike website of a popular antivirus program that actually downloads malware is quite ironic. That’s exactly what’s happening to Bitdefender, a long-popular antivirus software program, found itself on the end of a lookalike campaign.
the dangers it poses
“The bundled executable StoreInstaller.exe was found to contain malware configurations associated with VenomRAT (Remote Access Trojan 9RAT]),” according to a May 27, 2025 report by cybersecurity researchers Domaintools. “It also contained code associated with open source post-exploitation framework SilentTrinity and StormKitty stealer.”
Among the nasty tricks that VenomRAT can pull on you are remote access, stealing credentials, key logging, exfiltration, and more. There are a few key differences in the website, although they’re so close that it’d be understandably hard to tell if you were just to look at the webpages and not the URLs.
Bitdefender is solid antivirus software. The legitimate version, that is. Download it from a reputable source. Obviously, I recommend the official Bitdefender website itself. As soon as you navigate to Bitdefender, double check the spelling of the URL field to verify there are no subtle typos before you do anything else. Only once you’re absolutely sure you’ve got the right URL should you download anything.
The post A Trojan-Downloading Website Is Imitating a Popular Antivirus Website appeared first on VICE.