iGEN
Visit IGEN World Explore IGEN Expo
EXPLORE UPGRADE PLANS
BREAKING
Travel Disruption Is a Productivity Nightmare – AI Provides the Scalable Solution Microsoft Teams finally rolls out Wi-Fi-based location tracking for workplace check-in Cost of ransomware recovery too high? Here’s how to stop footing the bill CMA CGM Moves to Acquire Aircraft Maintenance Specialist Crystal Aero Solutions Qobuz Gains Subscribers as Artists and Audiophiles Reject Spotify's Model M*: A Modular, Extensible Serving System for Efficient Multimodal AI Inference New Benchmark and Method Address Occlusion in Vision-Language-Action Models for Robotics Fast LLM-Based Semantic Filtering: Unified Framework and Adaptive Two-Phase Method Deliver 1.6–2.0x Speed Gains Google Begins Android 17 Rollout; Key AI Upgrades Coming Later This Year EvalStop: Early Stopping for Reward Overoptimization in Multi-Tenant RLHF Platforms Travel Disruption Is a Productivity Nightmare – AI Provides the Scalable Solution Microsoft Teams finally rolls out Wi-Fi-based location tracking for workplace check-in Cost of ransomware recovery too high? Here’s how to stop footing the bill CMA CGM Moves to Acquire Aircraft Maintenance Specialist Crystal Aero Solutions Qobuz Gains Subscribers as Artists and Audiophiles Reject Spotify's Model M*: A Modular, Extensible Serving System for Efficient Multimodal AI Inference New Benchmark and Method Address Occlusion in Vision-Language-Action Models for Robotics Fast LLM-Based Semantic Filtering: Unified Framework and Adaptive Two-Phase Method Deliver 1.6–2.0x Speed Gains Google Begins Android 17 Rollout; Key AI Upgrades Coming Later This Year EvalStop: Early Stopping for Reward Overoptimization in Multi-Tenant RLHF Platforms
Home ›› Technology ›› Cybersecurity ›› Fake X-VPN Installers Spread Malware: Protect Your Credentials
iGEN
Technology Cybersecurity

Fake X-VPN Installers Spread Malware: Protect Your Credentials

Fake X-VPN installers have been found to spread credential-stealing malware, targeting users who download from unofficial sources. The malware, known as STX RAT, can steal credentials and give attackers remote control of infected devices. Users are advised to download software only from official sources to avoid such threats.

iG
iGEN Editorial
June 10, 2026
Fake X-VPN Installers Spread Malware: Protect Your Credentials

A recent cybersecurity threat has emerged involving fake X-VPN installers that deploy credential-stealing malware. According to TechRadar, threat researchers at Cyderes have identified a campaign using a fake X-VPN installer to spread the STX RAT malware, which is capable of stealing credentials and granting attackers remote control over infected systems. This issue highlights the importance of downloading software only from official sources.

The Threat of Fake VPN Installers

The fake X-VPN installer campaign initially targeted cryptocurrency traders but has since expanded to privacy-conscious users. The attackers used a technique called DLL sideloading, where they inserted a malicious file named CRYPTBASE.dll into genuine X-VPN program files. This method allows the malware to install without detection, as it blends in with normal encrypted web traffic.

The STX RAT malware can harvest saved browser passwords, session tokens, collect system information, and execute remote commands. It was one of 11 malicious packages, including trojanized installers for platforms like Binance, Bybit, MetaTrader 5, Exodus, and Steam.

Protecting Against Malware

To protect against such threats, users should:

  • Download software only from official sources, such as the vendor's website or official app stores.
  • Avoid third-party repositories or links from unknown sources.
  • Keep software updated and use reputable security software.
  • Change passwords and enable two-factor authentication if a fake VPN is suspected.

X-VPN's Response

In response to the threat, X-VPN released version 77.5.3 of their software with improved DLL loading controls. Users are encouraged to update to this version or later to enhance security.

Implications for Enterprises

For enterprise technology decision-makers, this incident underscores the critical need for stringent software procurement policies and robust cybersecurity measures. Ensuring that all software is sourced from verified channels can prevent similar breaches, protecting sensitive data and maintaining operational integrity.

Threat Description
STX RAT Credential-stealing malware deployed via fake VPN installers
DLL Sideloading Technique used to insert malicious files into genuine software

By adhering to best practices in software management and cybersecurity, organizations can mitigate the risks posed by such sophisticated malware campaigns.

Sources: TechRadar – Main Feed

Keep Reading

Recommended Stories

Malware Chain Concealed in Trusted Windows Tools Technology

Malware Chain Concealed in Trusted Windows Tools

A sophisticated malware campaign exploits Google's ad infrastructure to disguise its activities, embedding itself within trusted Windows tools. This five-stage attack leverages legitimate processes to evade detection.

June 10, 2026
Russia's State VPN: A Solution or a Surveillance Tool? Technology

Russia's State VPN: A Solution or a Surveillance Tool?

Russia's media regulator, Roskomnadzor, proposes a state-owned VPN to counteract its own internet restrictions, sparking concerns over potential state surveillance. The move aims to restore access to essential developer platforms but is met with skepticism from the IT community.

June 9, 2026
Microsoft Disables 73 GitHub Repos After Malware Breach Technology

Microsoft Disables 73 GitHub Repos After Malware Breach

Microsoft has disabled 73 GitHub repositories after hackers used stolen credentials to plant malware. The breach affected multiple organizations, including Azure, and led to significant disruptions. Microsoft is investigating and has notified affected customers.

June 9, 2026
NordVPN Offers Enhanced Security Beyond Apple's WWDC Updates Technology

NordVPN Offers Enhanced Security Beyond Apple's WWDC Updates

Apple's WWDC 2026 introduced several security upgrades, but NordVPN offers comprehensive online privacy protection. With features like advanced email monitoring and scam call filtering, NordVPN ensures data security beyond Apple's capabilities.

June 9, 2026