Track Global Malware Trends
View the trending of malware based on the "detection count" reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Spam Alert: Phishing Email Scam Titled ‘Bank of America Alert: Account Suspended’
We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...
Top 5 Popular Cybercrimes: How You Can Easily Prevent Them
Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles , the days of robbing...

Top Articles

Play-bar.net

The Play-bar.net search aggregator is similar to Ultimate-search.net , and it is a questionable service that is promoted by a browser hijacker. The Play-bar.net site is operated by Blisbury LLP and features a small search bar, a weather forecast in the top right corner and a clock widget in the top left corner. Additionally, the Play-bar.net site may offer users to play Adobe Flash games on online gaming platforms like Princess Games , GamesRockit and TikiArcade . The browser hijacker related to Play-bar.net is written with the purpose of diverting the Internet traffic of infected users to Play-bar.net and earn affiliate revenue. The Play-bar.net browser hijacker may modify your DNS settings and change your default search aggregator, homepage and a new tab to Play-bar.net. The Play-bar.net browser hijacker might edit your Windows...

Posted on October 14, 2015 in Browser Hijackers

Cerber Ransomware

The Cerber Ransomware is a ransomware infection that is used to encrypt the victims’ files. The Cerber Ransomware adds the extension CERBER to every file that the Cerber Ransomware encrypts. After the Cerber Ransomware has encrypted some of the files of the victim, the Cerber Ransomware demands the payment of a ransom in exchange for the decryption key. According to Cerber Ransomware’s ransom note, computer users have one week to pay the ransom amount before this amount is doubled. As the Cerber Ransomware encrypts the victim’s files, it creates TXT, HTML, and VBS files named ‘DECRYPT MY FILES’ with instructions on how to pay the Cerber Ransomware’s ransom. These files are dropped on every folder that contains files that were encrypted by Cerber Ransomware. According to these ransom notes, the...

Posted on March 4, 2016 in Ransomware

Cerber3 Ransomware

The Cerber3 Ransomware is a new version of a well-known ransomware Trojan. The Cerber Ransomware Trojan now uses a slightly different method during its attack. The main difference is that the files infected by the Cerber3 Ransomware can be identified through the use of .CERBER3 as the extension that identifies the files that have been encrypted in the attack. PC security analysts had observed a Cerber2 variant of this attack previously. This numbering system may indicate new versions of software, and threats are no exception. The appearance of the Cerber3 Ransomware indicates that the Cerber ransomware family is being developed and updated currently. The Cerber3 Ransomware was discovered recently, around the end of August of 2016. The Cerber3 Ransomware presents minor differences from previous versions of this threat. However,...

Posted on September 1, 2016 in Ransomware

DNS Unlocker

The DNS Unlocker is adware that has caught the attention of PC security researchers. Many computer users have been using programs like the DNS Unlocker to bypass region-locking components in online applications. The DNS Unlocker, in particular, has been advertised as a way for computer users to access Netflix for regions outside of their location. PC security analysts strongly recommend against this approach. There are numerous applications available that supposedly allow computer users to modify their IP or connect to certain websites that are blocked for certain regions. However, this is a common way for adware developers to distribute their low-level and mid-level threats. In several situations, it may be better to avoid using these types of components or looking for reputable options even if they are slightly more expensive than...

Posted on June 15, 2015 in Adware

Tavanero.info

Tavanero.info is a bogus search engine that is associated with a PUP (Potentially Unwanted Program). Tavanero.info attempts to mimic the look and feel of the Google search engine to mislead computer users. Tavanero.info uses the Google logo colors in its layout and even includes the term ‘GoogleTM Custom Search,’ despite the fact that Tavanero.info has no affiliations with Google. Tavanero.info should be considered for what it is, a bogus search engine that may be used to expose computer users to potentially harmful online advertisements and content. There is no legitimate connection between Tavanero.info and Google, despite this fake search engine’s claims. Tavanero.info is linked to a type of PUP known as a browser hijacker, mainly because these components may be used to hijack the computer users’ Web...

Posted on September 6, 2016 in Browser Hijackers

Tech-connect.biz

If Tech-connect.biz start appearing as your homepage and search engine, this means that your computer is housing a browser hijacker. Then you wonder how it could have happened if wasn’t you who introduced Tech-connect.biz on your machine. The answer is very simple; browser hijackers may be part of the installation of a free software you downloaded from the Web recently. This is a well-used method since the computer users may be in a hurry when installing the free program they need and instead of choosing ‘Advanced’ or ‘Custom,’ used the quickest installation method, skipping its EULA and additional details, giving the browser hijacker, adware, and PUPs, the permission to be installed unknowingly. Although not threatening, Tech-connect.biz may cause a series of inconveniences to the computer users, such as...

Posted on September 15, 2016 in Browser Hijackers

Antivirus Security Pro

Antivirus Security Pro screenshot

Antivirus Security Pro is a rogue security application that belongs to a large family of rogue security software known as . Antivirus Security Pro is a fake security program that is disguised as a legitimate anti-virus application. Antivirus Security Pro does this by displaying false positives and bogus security warnings on the victim’s computer. There are several ways in which criminals distribute Antivirus Security Pro, including malicious attack websites and spam email messages containing malicious attachments. Security analysts consider that Antivirus Security Pro presents a threat to your computer. Because of this, ESG security researchers strongly recommend that computer...

Posted on August 22, 2013 in Rogue Anti-Spyware Program

Zepto Ransomware

The Zepto Ransomware is a variant of the Trojan Locky Ransomware . The Zepto Ransomware is designed to infect all versions of the Windows operating system, from Windows XP all the way to Windows 10. Ransomware Trojans like the Zepto Ransomware are especially threatening because, even if removed, the victim’s files will still be inaccessible. Essentially, the Zepto Ransomware takes the victim’s files hostage, encrypting them and demanding the payment of a ransom to decrypt them. Since the files encrypted by the Zepto Ransomware are impossible to recover without access to the decryption key, PC security analysts advise that computer users take immediate preventive measures to avoid becoming victims of this and similar ransomware Trojan attacks. When the Zepto Ransomware is installed on the victim’s computer, it...

Posted on June 29, 2016 in Ransomware

CryptoLocker Ransomware

CryptoLocker Ransomware screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim’s files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim’s computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user’s files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from...

Posted on September 11, 2013 in Ransomware

CryptoWall Ransomware

CryptoWall Ransomware screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Trojan.BAT.Qhost

Trojan.BAT.Qhost is a malicious program that may deteriorate the general performance of a computer system. Trojan.BAT.Qhost may make a compromised PC vulnerable to other malware attacks, putting a victim’s private information at risk of crimes such as Identity theft. Victims can remove Trojan.BAT.Qhost with anti-spyware or anti-virus software.

Posted on November 20, 2009 in Trojans

HackTool:Win32/Keygen

HackTool:Win32/Keygen is a malicious Windows platform tool. HackTool:Win32/Keygen is used to generate keys for illegitimately-obtained versions of different software products. HackTool:Win32/Keygen may also download harmful files and deteriorate the performance of a system. Use an effective malware removal tool to remove HackTool:Win32/Keygen from your system. HackTool:Win32/Keygen may be used primarily for malicious purposes. A system with HackTool:Win32/Keygen installed may be susceptible to being infiltrated by a remote user. HackTool:Win32/Keygen software could generate software keys for applications installed that may eventually hold the PC users responsible for illegal usage. It would be wise to eliminate HackTool:Win32/Keygen to avoid those circumstances.

Posted on September 30, 2010 in Trojans

From Doc to Pdf Toolbar

The From Doc to Pdf Toolbar is a creation of Mindspark Interactive Network Inc. and a Possibly Unwanted Program that computer users can download from its website, Fromdoctopdf.com. The From Doc to Pdf Toolbar may attract the attention of computer users that need to convert their files to .docs because it promises to convert PDF, DOC, TXT, RTF, XLS, PPT, BMP, JPG, TIFF and more to .doc as long as they are installed on a computer running Windows 7, 8, 10, Vista, and XP. However, the From Doc to Pdf Toolbar may replace your new tab page or homepage to MyWay.com. Although downloaded and installed by the computer owner, the offered functions of From Doc to Pdf Toolbar may be unwanted. If you installed the From Doc to Pdf Toolbar on your machine but is not satisfied with its adverse secondary effects, you should consider uninstalling From...

Posted on July 24, 2013 in Potentially Unwanted Programs

Mapsgalaxy Toolbar

The Mapsgalaxy Toolbar is a Potentially Unwanted Program (PUP) that may cause various unwanted actions on web browsers. You can find the official site of the Mapsgalaxy Toolbar on Free.MapsGalaxy.com/index.jhtml. It is offered to users free of charge and claims to deliver the best directions and mapping tools on the Web. Some users may think that the Mapsgalaxy Toolbar is the perfect travel companion and wish to install it on their laptop. The Mapsgalaxy Toolbar is available for Mozilla Firefox and Google Chrome as a CRX, XPI file, or .exe file. However, the Mapsgalaxy Toolbar is categorized as a PUP or Potentially Unwanted Program. Although the Mapsgalaxy Toolbar may have some legitimate uses, it may be associated with other search engines and potentially misleading advertisements. Inconvenient Alterations Linked to the Mapsgalaxy...

Posted on September 10, 2013 in Potentially Unwanted Programs

Elex Hijacker

The Elex Hijacker is a Web browser hijacker that may take over a Web browser, change its homepage and other settings and prevent computer users from restoring their Web browser to its default setting. The Elex Hijacker may be associated with a variety of other unwanted symptoms. The main reason that makes the Elex Hijacker is considered a browser hijacker is because its main purpose is to take over a Web browser to force computer users to view certain websites repeatedly and open new Web browser windows and tabs while the computer users attempt to use their computers. The Elex Hijacker is promoted as a useful Web browser extension or add-on. However, PC security researchers have determined that the Elex Hijacker does not offer any useful or beneficial service. Rather, the Elex Hijacker is designed to make money at the expense of...

Posted on December 12, 2015 in Browser Hijackers

Social2Search Ads

Computer users that favor social media when it comes to choosing a fast and reliable method for staying connect to their friends may be interested in the Social2Search software. The Social2Search program is advertised as ‘a social search engine that gives you access to the knowledge of your friends.’ In other words, the Social2Search software allows you to use a custom search engine at Social.search.com to browse content that your contacts like, share and upload to Facebook, Twitter, Instagram, Pinterest, LinkedIn and Google+. The Social2Search application works as a browser extension that might change your default search engine and homepage settings to customize your Internet experience. The idea behind the Social2Search extension may sound great, but you should avoid installing it. Security researchers reveal that the...

Posted on May 5, 2016 in Adware

CounterFlix

The Counterflix software is advertised as an application that can allow users to load geo-restricted content from services like Hulu, Pandora and Netflix. PC users that live in countries like India, China, and Russia, where Internet censorship applies may be interested in installing Counterflix. The services provided by Counterflix are available through the app and the modification of your DNS configuration. The setup page for Counterflix can be found at Counterflix.com and users will need to edit their system settings to install the Counterflix correctly. You should note that the Counterflix software is provided on an “As-Is” basis and you will not receive support from its developers. Unfortunately, the makers of Counterflix do not provide contact information like a Facebook page or a Twitter account, which you may need in case of...

Posted on October 2, 2016 in Adware

Fanli90.cn

Fanli90.cn may seem like a site that offers fun content generated by visitors. However, the moderators at Fanli90.cn failed to notify their users that they are presented with content from another site. Moreover, there is no credit given to the original site, and you may be provided with links to phishing messages. What we are talking about is that Fanli90.cn presents its visitors with content from Fmylife.com and advertisements from insecure advertisements networks. We have received reports that users may be redirected to Fanli90.cn when they open a new tab and click on links on their favorite pages. An investigation was initiated, and there may be a browser hijacker program pushed to users via free software bundles. Fanli90.cn is added to the naughty list of several Web filters like Websense ThreatSeeker and Sucuri. Browser...

Posted on January 19, 2017 in Browser Hijackers

More Articles

‘800-953-457’ Pop-Ups

The ‘800-953-457’ pop-ups that may feature the title ‘storage.googleapis.com’ should not be trusted. The storage.googleapis.com site refers to the Google Apps Development platform, which we have seen to be exploited by fake technical support companies. The ‘800-953-457’ pop-ups are generated by specially crafted pages hosted on the legitimate storage.googleapis.com service. Con artists are known to exploit legitimate services and use valid digital certificates of third parties and logos of trusted companies to claim credibility. Cyber security experts note that the messages delivered via corrupted pages on storage.googleapis.com may offer misleading information, lead users to phishing domains and recommend users call phone lines like 800-953-457 that are operated by fake computer support agents. We...

Posted on February 17, 2017 in Adware

‘800-098-8052’ Pop-Ups

When we are talking about the ‘800-098-8052’ pop-ups, we speak of phishing messages that are styled like legitimate security alerts. The ‘800-098-8052’ warnings may originate from the urgent-issue-no58734-system.info site and clones such as urgent-issue-no57040-system.info, urgent-issue-no57167-system.info, as well as many others that feature a slightly different number at the end. These sites are registered to the 94.156.35.184 IP address that is added to the blacklist of several Web filtering services including Google Safebrowsing, Mozilla Phishing Protection and Websense ThreatSeeker. The content on the ‘800-098-8052’ pop-ups and associated pages are tailored to look like it comes from the Microsoft Corp. Experts have seen the ‘800-098-8052’ pop-ups include screenshots of Windows 10,...

Posted on February 17, 2017 in Adware

‘844-786-8921’ Pop-Ups

The ‘844-786-8921’ pop-up windows refer to phishing messages loaded on domains that are used to promote the services of fake computer support companies. We have seen the ‘844-786-8921’ messages advertise help with computer problems on the 844-786-8921 phone line and several other lines that are advertised on similar sites. The ‘844-786-8921’ pop-ups are reported to feature a modified screenshot of Support.microsoft.com and logos of Internet browsers like Edge, Internet Explorer, Google Chrome and Mozilla Firefox. Users should not associate the ‘844-786-8921’ messages with legitimate services connected to the Microsoft Corp., Google Inc. and the Mozilla Project. Con artists may use misappropriated digital certificates and hijack SSL certificates of third parties to convince users to call...

Posted on February 17, 2017 in Adware

‘800-341-9813’ Pop-Ups

The ‘800-341-9813’ pop-up windows, also known under the name ‘Porn*Virus*Detected’ pop-ups, refer to a phishing campaign that aims to direct users to call the 800-341-9813 phone line and ask for help with their computers. The code behind the ‘800-341-9813’ pop-ups is hosted on the Google APIs platform as a public Web-app, which is accessible via h[tt]ps://storage.googleapis.com/microsoft-security-scans-on-system-performed-100x/alert.html. The Web-app hosted on storage.googleapis.com is programmed to bring a fake security message on the screen of users who open the link mentioned before. We have received reports that the app receives traffic from a browser hijacker that redirects users to storage.googleapis.com. Computer users may install a browser hijacker with a corrupted free program and riskware....

Posted on February 17, 2017 in Adware

Search.searchwfaa.com

The Search.searchwfaa.com portal is associated with the Weather Forecast Alerts extension by Eightpoint Technologies Ltd., and the program may be installed with software packages published by Polarity Technologies Ltd. Computer users may encounter the extension under the name Weather Forecast Alerts New Tab. The program at hand is designed to serve as an addition to Google Chrome, Internet Explorer and Mozilla Firefox. As the name suggests, the Weather Forecast Alerts extension is supposed to provide extra information in your browser that includes weather forecast, humidity level, atmospheric pressure, and wind direction and speed. Web surfers can add the Weather Forecast Alerts extension to their Internet client by navigating to Weatherforecastalerts.com and use software packages by Polarity Technologies Ltd. PC users are not required...

Posted on February 17, 2017 in Browser Hijackers

Trois-Rivieres, Burlington, and Ottawa Had the Highest Malware Infection Rates in Canada for 2016

Computers in Trois-Rivieres, Burlington, and Ottawa were more likely than computers in any other city in Canada to be infected with malware last year. That’s according to data released today by Enigma Software Group (ESG), makers of the SpyHunter anti-spyware program. ESG’s research team looked at the total number of infections detected from data compiled from SpyHunter during 2016 in each of the 30 largest cities in Canada. Trois-Rivieres has the highest rate at nearly quadruple the national average. Burlington, Ottawa, and Montreal all had rates that were more than triple the national average. Experts at ESG have concluded that while many factors cause rates to be significantly higher in certain areas , there is no certain way of knowing what the primary driving factors for higher rates in one area versus another. Many...

Posted on February 16, 2017 in Computer Security

Motious.com

Motious.com is a search service that is powered by a custom Google search engine. Computer users that were redirected to Motious.com reported that their browser was hijacked as they did not install add-ons related to Motious.com. Computer security experts looked into Motious.com and revealed that the site is promoted as a place for motorcycle enthusiasts to gather and discuss topics of interest but there are no forum and message channels on Motious.com. The content at Motious.com appears to be generated from various advertisement networks, and the site is known to promote PC hardware, motorcycles and clothing. Computer users may want to head to the bottom section of Motious.com and pay attention to the following statement: ‘By using this website, you accept the use of cookies for marketing purposes.’ Motious.com does...

Posted on February 16, 2017 in Browser Hijackers

LoveLock Ransomware

The LoveLock Ransomware is not related directly to the Love2Lock Ransomware . The LoveLock Ransomware was detected for the first time on February 16th, 2017 and appears to be very similar to the Hermes Ransomware and the CryptoLocker Portuguese Ransomware . The LoveLock Ransomware may be delivered to users as fake CVs, news reports, and job applications attached to phishing emails. The developers behind the LoveLock Ransomware might target human resources departments, hospitals, and medium-sized businesses considering the nature of the spam campaign. Additionally, the LoveLock Ransomware is programmed to target a limited number of data containers compared to the Xampp Locker Ransomware and the CryptoKill Ransomware , which may be an effort to speed up the work of the Trojan. At the time of writing this article, computer...

Posted on February 16, 2017 in Ransomware

NTK Screenlocker

The NTK Screenlocker threat is a Trojan that supports screen lock features as its name suggests. The NTK Screenlocker Trojan was announced to the public on February 16th, 207 and appears to mimic the activity of the PadLock Screen Locker that emerged on December 21st, 2016. There is no evidence that the two threats are connected, but it is possible for the team behind the NTK Screenlocker to use open-source code that was used in similar programs. It is unclear who made the NTK Screenlocker, but the threat is known to arrive on computers via spam messages and exploits of vulnerable software. There are reports from users that the NTK Screenlocker may enter the OS as a component of a freeware bundle, but it is not confirmed if the threat is propagated in such a way. The samples of the NTK Screenlocker appear to support French only....

Posted on February 16, 2017 in Trojans

CryptoShield 2.0 Ransomware

The CryptoShield 2.0 Ransomware is the second generation of the CryptoShield Ransomware that was released on January 31st, 2017. The next stage of the development of CryptoShield appears to include changes in the marker placed on the encrypted files, the obfuscation layers, the ‘Command and Control’ servers, contact details and primary encryption algorithm. The CryptoShield 2.0 Ransomware surfaced on the scanners of security vendors on February 16th, 2017 when users were flooded with spam messages carrying corrupted documents. Cyber security experts note that macro-enabled text documents are often used to distribute threats like the CryptoShield 2.0 Ransomware and the HugeMe Ransomware . An in-depth analysis revealed that the authors of the CryptoShield 2.0 Ransomware switched from using the AES-256 cipher to the...

Posted on February 16, 2017 in Ransomware

Search.searchmpct.com

Search.searchmpct.com is a custom search portal that is associated with the ConvertThatPDF (also seen as ConvertPDFs) browser add-on by Polarity Technologies Ltd., which you may know for riskware such as GetFitNow New Tab and BookmyFlight . The ConvertThatPDF add-on is supposed to allow users to convert PDF files into other document types easily. The functionality of the ConvertThatPDF add-on depends on integration with the browser and Search.searchmpct.com. If you manage a large collection of PDF files and wish to convert some of your documents to other formats you may be interested in using ConvertThatPDF and Search.searchmpct.com. However, you should read the terms of use of ConvertThatPDF carefully because there are a few key aspects of ConvertThatPDF to consider. Users that do not wish to bother reading on...

Posted on February 16, 2017 in Browser Hijackers

Manchester, London, and Sheffield Have the Highest Malware Infection Rates in the United Kingdom

Computers in Manchester, London, and Sheffield are more likely than computers in any other city in the UK to be infected with malware. The Enigma Software Group (ESG) research team compiled their latest data based on malware detection data from SpyHunter during 2016 in each of the 30 largest cities in the UK. Manchester had the highest rate, and it wasn’t even close. Manchester’s rate was more than 500% higher than the national average. London, Sheffield, and Derby each had infection rates more than double the national average . Leicester rounded out the top five. “We’re not sure what causes infection rates to be significantly higher in one city or another,” said ESG spokesperson Ryan Gerding. “There could be a number of factors including the demographics of the area, how widespread PC usage is...

Posted on February 15, 2017 in Computer Security

HugeMe Ransomware

The HugeMe Ransomware is an encryption Trojan based on the EDA2 project that was presented to programmers as an ‘educational ransomware.’ Needless to say, it did not take long for threat actors to copy the EDA2 open-source code and customize it so that it can be delivered via macro-enabled documents to PC users. The HugeMe Ransomware joins the ranks of Trojans like the FSociety Ransomware , the VenusLocker Ransomware and the SeginChile Ransomware . The HugeMe Ransomware was announced on cyber security blogs on February 9th, 2017 and appeared to support the latest versions of Windows and oldest versions as far back as the Windows XP. An in-depth analysis confirmed that the HugeMe Ransomware supports the AES-256 and RSA-2048 ciphers, which are used to encode targeted data. The HugeMe Ransomware can lock the files...

Posted on February 15, 2017 in Ransomware

CryptoLocker Portuguese Ransomware

When PC security experts talk about the CryptoLocker Portuguese Ransomware, they are discussing an encryption Trojan that is a version of CryptoLocker , which is aimed at users in Portuguese-speaking countries such as Portugal, Brazil, Angola, Cape Verde and Mozambique. The CryptoLocker Portuguese Ransomware is a customized version of CryptoLocker that travels with phishing messages that include logos and images from trusted companies in the countries mentioned before. It is not a good idea to open bank statements, payment notifications, and what looks like an archive of photos from social media that may be attached to spam messages. The developers behind the CryptoLocker Portuguese Ransomware may exploit macro-enabled files to install the Trojan on vulnerable systems. The CryptoLocker Portuguese Ransomware is a standard file coder...

Posted on February 15, 2017 in Ransomware

Hermes Ransomware

The Hermes Ransomware is an encryption Trojan that was mentioned on computer security blogs for the first time on February 13th, 2017. Later, researchers provided information on the Hermes Ransomware and revealed that the Trojan is named after the code name HERMES that was spotted during the code analysis. Additionally, the Hermes Ransomware is using the extension ‘.HERMES’ to mark the encrypted objects. The Hermes Ransomware is ranked among threats like the CryptoKill Ransomware and the ‘.wcry File Extension’ Ransomware . The Hermes Ransomware is a standard crypto-threat that is equipped with a custom-built AES 256 cipher and uses the advanced RSA-1024 cipher to obfuscate the encryption key before it is sent to the ‘Command and Control’ server. The Hermes Ransomware is a quick and cunning...

Posted on February 15, 2017 in Ransomware
1 2 3 4 5 6 7 8 9 10 11 1,126