The security experts said: “According to the Doctor Web virus laboratory, the hacker group behind this attack was previously involved in spreading a fake installer of the popular VSDC video editor through its official website and the CNET software platform.
“This time the cybercrooks managed to gain administrative access to several websites that began to be used in the infection chain.
“Target selection is based on geolocation and browser detection. The target audience are users from the USA, Canada, Australia, Great Britain, Israel and Turkey, using the Google Chrome browser.
“It is worth noting that the downloaded file has a valid digital signature identical to the signature of the fake NordVPN installer distributed by the same criminal group.”
As always a good anti-virus programme can help you detect any such threats and remove malicious software that does end up on your machines.