Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,109,776 7%
2 Conduit Search/Toolbar 1,588,409 4%
3 PUP.SupTab 1,174,950 14%
4 PUP.SuperWeb 996,601 11%
5 PUP.InstallCore 974,853 7%
6 PUP.Optimizer Pro 948,831 6%
7 Adware.Multiplug/Variant 904,168 9%
8 Iminent Toolbar 799,348 11%
9 PUP.CrossRider 700,309 15%
csv
Download as CSV
More Info
i

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware

Screenshot

The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware

Screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware

Screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar

Screenshot

MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the MyStart.Incredibar.com website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware

Screenshot

ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus

Screenshot

The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum

Screenshot

Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer

Screenshot

DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Good-links.net

The Good-links.net domain serves as a private ad platform for adware developers to earn pay-per-install revenue. The Good-links.net pop-up windows in your Internet client are facilitated by adware on your machine that may have been installed along with a free application. The Good-links.net pop-up windows may promote riskware such as PileFile Reminder , Picexa Viewer , Advizz and Blabbers . Security analysts advise users to abstain from installing software provided from the Good-links.net because they may introduce potentially harmful software to their system. The Good-links.net adware could be used to promote rogue applications like Live PC Care , PC MightyMax and System Check that can cause computer errors and display security alerts to scare users into purchasing unneeded services. Moreover, the Good-links.net adware may read your software configuration, bookmarks, and...

Posted on May 29, 2015 in Browser Hijackers

AllDayPrice Ads

The AllDayPrice plugin that can be noticed in freeware packages is promoted as a shopping advisor, and users may want to know that it is adware. The AllDayPrice adware functions similarly to CouponAmazing and Coupon Monkey, and might use tracking cookies, record your IP and read your browsing history to create a personal advertising marker for you. Advertisers can use the marker mentioned before to push targeted marketing content via the AllDayPrice adware. Users infected with the AllDayPrice adware might be subjected to a continuous display of banners, pop-up windows and ad boxes. The AllDayPrice adware may load many ads, slow down your Internet client and obstruct your online activities. Security experts alert that the AllDayPrice adware may insert a registry key in Windows to start when you begin an online session. Additionally, the adware developers behind AllDayPrice may...

Posted on May 29, 2015 in Adware

Geigertechsupport.net

Users that experience pop-up by Geigertechsupport.net might want to know that they are infected with adware that promotes fake technical support services. Security experts strongly advise against clicking on the Geigertechsupport.net pop-ups or following instructions provided by adware applications. The adware app linked to Geigertechsupport.net may have entered your OS as an additional component of a free software bundle that few users handle with the 'Advanced' or 'Custom' option. Security experts note that the Geigertechsupport.net adware users pop-ups to suggest users that their OS have been compromised, and they need assistance in removing the threat. However, users should not trust the messages on Geigertechsupport.net and avoid calling supposedly legitimate technicians. You should keep in mind that adware often promotes riskware like HeadlineAlley Toolbar and M6 Processing...

Posted on May 29, 2015 in Adware

Bettersearch.tk

The Bettersearch.tk domain features a customized version of the legitimate Google engine and features links to popular services like YouTube, Yahoo. Users that experience problems with the Bettersearch.tk domain may want to know that it is associated with a browser hijacker that sets Bettersearch.tk as your default search provider and home page. Security experts note that the browser hijacker associated with Bettersearch.tk may have arrived on your PC as a browser extension by CiebApps part of a free software installer. The Bettersearch.tk browser hijacker may use HTTP cookies, DOM storage data and detect your approximate geographical location to provide advertisers with data like your Internet history and preferred online resources. The Bettersearch.tk search engine may not perform as good as the legitimate Google service, and you may be provided with sponsored results that link to...

Posted on May 29, 2015 in Browser Hijackers

Razor Web Ads

The Razor Web browser plugin is promoted in freeware packages as a tool to give users a clear perspective of search results on Google. However, the Razor Web browser plugin is perceived by security analysts as adware because it does not perform as promised and loads numerous ads in your browser. The Razor Web adware is designed to earn-pay-per-click revenue for its developers, and your cyber security could be compromised by clicking on ads by Razor Web. Security analysts note that the ads by Razor Web are not safe because users might be redirected to harmful domains and suspicious websites. The Razor Web adware might present you with banners, pop-ups and layers loaded with commercials that cover the web pages you browse. The Razor Web adware may offer you to install riskware such as Coupon Server , Genieo and HighliteApp that can change your default search provider, homepage and...

Posted on May 29, 2015 in Adware

Filesspot.co.il

The Filesspot.co.il domain is deemed as malicious by security researchers because it is used by malware developers to deploy harmful software. The malware originating from the Filesspot.co.il domain can be presented to users as a setup file without a name, a Flash arcade game, a ZIP file and NASCAR racing game. Security researchers alert that users should not download content from the Filesspot.co.il domain and click on links pointing to Filesspot.co.il. If there are security alerts on your PC regarding connections to the Filesspot.co.il malicious domain you may have adware on your computer. Adware affiliated with Filesspot.co.il is deployed in freeware bundles that many users prefer to install via the 'Express' or 'Typical' option. As mentioned above, the Filesspot.co.il domain serves as a distribution platform, and adware could be instructed to download and install software from...

Posted on May 29, 2015 in Adware

Superimes.org

Users who experience security alerts for the Superimes.org domain may wish to know that it is associated with adware and Potentially Unwanted Programs (PUPs). The Superimes.org domain serves as a gateway to push updates and upgrades to PUPs and adware. The security alerts for Superimes.org might be a sign that adware or a PUP on your computer is trying to download software from the Superimes.org domain. The Superimes.org domain is not considered as harmful, but the applications linked to it may slow down your computer and display advertisements as seen in the activities of AppEnable and CommAd . As stated above, the Superimes.org domain is a gateway for developers to push software and adware, and PUPs may connect to Superimes.org to download and install third-party software automatically. The updates and upgrades from Superimes.org may include riskware such as BestToolbars and...

Posted on May 29, 2015 in Browser Hijackers

JS:Iframe-CLO [Trj]

The JS:Iframe-CLO [Trj] detection is used by security applications to point at a malicious JavaScript that cyber criminals place in the HTML code of websites and corrupted advertisements. The JS:Iframe-CLO [Trj] malicious code is often placed in compromised adult content forums and malvertising to redirect users to malware. When the JS:Iframe-CLO [Trj] malicious code is read by users visiting a certain website or click on a corrupted ad their web browser is instructed to download malware. When the JS:Iframe-CLO trojan is deployed to your system it places a hidden file named 'miscrosofts.vbs' in the User folder and adds a registry key in Windows to start at boot-up. The JS:Iframe-CLO trojan is programmed to generate web traffic towards predetermined domains and pay-per-click revenue from visiting ad platforms by launching a show instance of Internet Explorer. Security experts underline...

Posted on May 29, 2015 in Backdoors

Getsystem.info

Users who experience pop-up windows by Getsystem.info in their Internet client may want to know that they are infected with adware. Adware developers use the Getsystem.info domain to promote computer support services on 1-844-438-9404. The Getsystem.info pop-ups may feature a logo from a security authority and suggest that your OS has critical errors caused by cyber threats on your PC. However, you should keep in mind that the Getsystem.info pop-ups are generated by adware, and you should not trust the Getsystem.info domain. The Getsystem.info adware may have been installed on your PC as a helpful browser add-on embedded with a freeware installer. Security analysts report that the IP address 184.168.221.57 of Getsystem.info is seen in communications of several cyber threats and adware like Cycbot and InstallCore . That suggests a prolonged advertisement campaign stems from the IP...

Posted on May 28, 2015 in Browser Hijackers

Cybercrooks Hack IRS Website & Steal Data of More Than 100,000 Taxpayers

With technical knowledge and the information of the world readily at our fingertips, the things that attempt to make our lives easier sometimes end up making matters worse. Case in point, an unnamed cybermafia group utilized the "Get Transcript" app, which is supposed to make it easy to download IRS tax forms and other tasks for those who need the proper documentation in the event of applying for a mortgage or college financial aid, to download forms on over 100,000 individuals. The attack, which was claimed to be from a sophisticated organized crime syndicate organization, used the IRS website to steal personal financial data on 104,000 taxpayers. In the process, the cybercrooks attempted to make away with downloads of forms for as many as 200,000 taxpayers but were only able to make away with half of that target. The IRS has long been a target for cybercrooks, and the tax...

Posted on May 27, 2015 in Computer Security

Spitz.co.uk

In recent years, adware has become a one of the top mediums for vendors to advertise their products and service providers to make themselves known. Needless to say, bogus technical support agents and phone scammers saw the potential of adware to reach out to users and profit from their computer illiteracy and fears. You might want to know that the Spitzi.co.uk pop-ups in your Web browser are the perfect example of that. The pop-up windows by Spitzi.co.uk are generated by adware on your PC or an ad-supported program like BitAccelerator and Unico Browser . Security analysts alert that adware developers use the Spitzi.co.uk domain to display pop-ups and suggest that you have problems with your computer, and you need to call 1-888-270-6403. Possible Outcomes from Calling the 1-888-270-6403 Phone Number Located on Spitzi.co.uk You may be interested to know that users affected by...

Posted on May 27, 2015 in Browser Hijackers

Trojan.Disabler.88

The Trojan.Disabler.88 malware is classified as a trojan infection, and it can inject its code in the 'svchost.exe' host process to hide its operations. The Trojan.Disabler.88 malware is deployed in spam emails as an attached PDF file with a double extension that makes it executable. Researchers point out that the Trojan.Disabler.88 malware creates a service named 'WinSamSs' to edit the victim's Windows Registry to disable error reports, clear the 'page.sys' file and prevent users from booting in Safe Mode. Also, the Trojan.Disabler.88 malware disables remote assistance applications and hides its files in the ProgramData and Recycler folders. The Trojan.Disabler.88 malware is programmed to lock your computer, connect to a remote server to inform its operators of a successful infiltration and set a ransom note as your desktop background. The files on your computer are not encrypted as...

Posted on May 27, 2015 in Trojans

MyDealBox

The MyDealBox shopping companion is advertised as a powerful tool that can expand your access to exclusive deals and discounts, but you may want to know that it is adware. Security analyst alert that the MyDealBox adware is dispersed among users with the help of freeware bundles that most users install with the 'Express' or 'Typical' option. Also, the MyDealBox adware may use tracking cookies, web beacons, read your browsing history and detect your approximate geographical location to display targeted marketing content. Moreover, the MyDealBox adware may detect your OS version and software configuration and promote riskware like EZDownloader and FreeHDSport TV to earn pay-per-install revenue for its developers. You may expect banners, pop-up windows and ad boxes by MyDealBox to appear while you surf the Internet. You should keep in mind that the advertisers connected to MyDealBox...

Posted on May 27, 2015 in Adware

ShopSafer Ads

If there are ads by ShopSafer in your browser than you are infected with adware. The ShopSafer adware is promoted as a personal shopping assistant, but its primary aim is to generate affiliate revenue for its developers. The ShopSafer adware may appear as a browser add-on, an extension and a Browser Helper Object that was recently attached. The ShopSafer adware has a web page and in most cases it arrives on the user's PC as a drive-by installation of free software. Security experts note that the ShopSafer adware is designed to run in the background and can show banners, in-text hyperlinks to partners, ad panels, pop-up and pop-under windows loaded with commercials. Additionally, the ShopSafer adware might use HTTP and Flash cookies as well as read your Internet history to create a unique advertising profile for you and display custom-made ads. You should keep in mind that the ads by...

Posted on May 27, 2015 in Possibly Unwanted Program

FileOpener

The FileOpener program is advertised as a toolbar for your Internet browser that can open any file when you drag and drop it. However, you might want to avoid installing the FileOpener program because it is ad-supported, and you should expect banners, pop-up windows and sponsored links to flood your browser. Security researchers perceive the FileOpener app as a Potentially Unwanted Program (PUP) with adware functionality. The FileOpener program can be seen listed under the 'Advanced' or the 'Custom' option of freeware packages and can be downloaded from App-bliss.com/3220908375. Users should note that the FileOpener program writes and entry in Windows to ensure that it can download upgrades and fixes automatically. Security researchers underline that the FileOpener app may install the InstallCore platform and introduce adware on your PC. The adware related to FileOpener includes...

Posted on May 27, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 928