Also known as: ViperSoftX, Venus Stealer, Viper RAT
Category: Malware
Type: RAT, information stealer, password-stealing virus
Platform: Any
Variants: VXLoader, ViperSoftX-Loader, ViperSoftX-V2, Vipersoftx Version 3.0, NevadaStealer, FakeCrack/Crack Downloaders, Trojan.GenericKD, Jupyter Variant, CryptoStealer-X.
Damage potential: Stolen passwords, login and credit card details, identity theft, loss of cryptocurrency, fraudulent transactions, and financial loss.
Overview
Vipersoftx is an information stealer that acts as a remote access trojan (RAT). It infects systems and hands their control over to attackers, allowing them to perform malicious actions remotely. Viversoftx’s main target is sensitive data, such as login credentials, credit card information, and cryptocurrency wallets — particularly browser extension wallets like MetaMask. In addition, this info stealer can download and execute additional payloads that can further compromise the infected system.
Malicious or cracked software and phishing emails are the most common methods hackers use to distribute Vipersoftx. It’s been active since 2020 and is continuously evolving, targeting users primarily in North America and Europe.
Possible symptoms
Since Vipersoftx steals information, it often causes an unusual increase in network activity. Other possible symptoms include:
- Inability to start the computer in safe mode.
- Sudden system crashes.
- Slower-than-usual computer performance.
- Trouble logging in to your accounts, even if your credentials are correct.
- Altered browser settings and unexpected browser redirects.
- Suspicious account activity, such as changed settings and passwords or unrecognized messages in your Sent folder.
Sources of infection
Vipersoftx spreads primarily through malicious or cracked software, typically downloaded from pirating sites. It can also infect devices through phishing emails, fake browser extensions, malicious websites, pop-up ads, and infected USB drives.
Protection
You can protect yourself from Vipersoftx and its variants by being cautious online:
- Only download software from official websites.
- Don’t open files or links in suspicious emails, especially from unknown senders.
- Monitor your network and use firewalls to block suspicious network activity.
- Scan downloads for malware, block trackers, and get rid of intrusive ads with NordVPN’s Threat Protection Pro™.
- Make sure your operating system and software are updated.
- Enable multi-factor authentication (MFA) to prevent cybercriminals from accessing your accounts, even if they stole your passwords.
Removal
If you think Vipersoftx has infected your device, use a reliable antivirus solution to detect and remove the threat:
- Run a full system scan.
- Follow the steps suggested by your antivirus software.
- Run a post-removal scan to ensure no traces of the malware are left.