Researchers from Dr.Web discovered that the cloned website was so perfect that it even came with a valid SSL certificate. This means your browser won’t immediately try to lock you out of the site to keep you safe. The researchers also say that thousands of users have already visited the fake NordVPN site. Upon landing on the fake site, users are prompted to download NordVPN just like the actual site. To keep up the pretense of legitimacy, the clone installs the real NordVPN client, but bundles the Trojan as part of the download. The Trojan itself can allow hackers to perform web injections, traffic intercepts and keylogging, among other choice methods of stealing your banking information. Considering the cyber criminals got thousands of people to visit the fake site, it looks like a fairly effective tactic of duping unsuspecting users. With that in mind, chances are the hackers will clone more sites in the future. The same bunch has previously hijacked the download link of a legitimate video editing software website. (Source: Dr.Web via TechRadar)
