Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,099,600 0%
2 Conduit Search/Toolbar 875,439 0%
3 Adware.LinkSwift 630,029 0%
4 Hijacker 608,359 0%
5 PUP.Optimizer Pro 554,232 0%
6 V9 Redirect Virus 536,791 0%
7 PUP.InstallCore 527,398 0%
8 PUP.SupTab 471,997 0%
9 Babylon Search/Toolbar 423,458 0%
10 WeDownload Manager 416,203 0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware


The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Lizard Squad Hacker Group Suspected to Have Hijacked Domain

Hackers groups are always on the lookout for their next victim just like an avid hunter seeking the next meal to place on his dinner table. The hacker group known as Lizard Squad has been recently suspected of being responsible for hijacking the domain. As you may already know, is the home page belonging to the world's largest personal computer vendor, Lenovo. In recent news, Lenovo has been under fire for pre-bundling their laptop computers delivered shipped September 2014 to December 2014 with the Superfish software. As you may know, Superfish was discovered to be a malicious add-on and root cause for rogue security certificates that could relinquish personal data transmitted over the internet. Computer security experts believe in the recent hijacking of that the Superfish incident was a trigger to initiate an attack on the website. In...

Posted on February 27, 2015 in Computer Security


TeslaCrypt is ransomware that demands payment of $500 USD in Bitcoins or $1000 USD in PayPal My Cash Cards to decrypt your data. The TeslaCrypt ransomware encrypts your files with the AES encryption algorithm. Additionally, the TeslaCrypt ransomware will replace your wallpaper with a ransom warning and add another file called 'HELP_ TO_DECRYPT_YOUR_FILES.txt.' The computer user will need a specific decryption key to getting back the encrypted files. The TeslaCrypt ransomware can be found attached to spam emails or corrupted websites. You may want to follow the standard safety policies regarding the attachments to spam emails that advise users not do download such files. Protection from the TeslaCrypt ransomware and other malware can be attained by the installation of a reputable anti-malware solution.

Posted on February 27, 2015 in Ransomware


The cyber threat Win32/Nuqel.BD is classified as a worm that is part of the Nuqel, malware family. The Win32/Nuqel.BD worm is specialized in obstruction of the normal operation of programs and download and execution of other malware. Worms such as Win32/Nuqel.BD can spread via email and copy itself to removable devices and shared folders. Web surfers may become infected with the Win32/Nuqel.BD by opening links from spam emails or download and run attached files from spam. The Win32/Nuqel.BD worm can place its files with 'Read Only' label in 'System32' and 'APPDATA' folder of Windows. Security analysts note that Win32/Nuqel.BD can insert a registry key in Windows to ensure that it will auto-start at every system boot-up. The Win32/Nuqel.BD worm can disable system utilities such as the Windows Task Manager, msconfig.exe, and regedit.exe. Computer users infected with the Win32/Nuqel.BD...

Posted on February 27, 2015 in Worms


Computer users notified of the Adware.Generic6.QDX infection might want to know that it is a general name used by security solutions to specify adware. Security experts note that adware often arrives on PCs by bundling with free software installers that many users don't bother to handle via the 'Advanced' or 'Custom' option. The Adware.Generic6.QDX cyber threat may appear as a Browser Helper Object, an add-on and a browser extension depending on what web applications you have installed on your system. The Adware.Generic6.QDX can collect information about your favorite websites and preferred online resources in order to personalize the marketing materials presented to you. The Adware.Generic6.QDX might show pop-ups loaded with ads and banners that may cover your browser surface. If you want to secure your online activities and purge Adware.Generic6.QDX from your PC, you might want to...

Posted on February 27, 2015 in Adware

Search Better Ads

The Search Better browser tool by APN, LLC functions as a private ad platform that monetizes clicks on ads, and it is deemed by security researchers as adware. Search Better is another adware such as the RadioRage Toolbar , Local Crime Watcher Toolbar and EasyPDFCombine Toolbar that are connected to Adware developers often promote the services of, and the Search Better adware may set as your homepage and default search engine. Moreover, the Search Better adware might push advertisements in your web browser by using a browser extension, an add-on and a Browser Helper Object. The Search Better adware can be automatically installed on your PC during an 'Express' or 'Typical' installation of a freeware package. The ads by Search Better may take the form of pop-ups and pop-unders as well as contextual and transitional ads and banners. Many users might not...

Posted on February 27, 2015 in Possibly Unwanted Program

Despite what the domain name suggests it is used by adware to display pop-windows and promote Potentially Unwanted programs (PUPs). The pop-up window may appear every time you launch your web browser thanks to a registry key in Windows. Web surfers can be noted that the adware related to might use a Browser Helper Object, an add-on, and a browser extension to perform its activities. You may be interested to know that adware is often embedded with free application installers as an extra tool. Security experts remind that adware can be automatically installed on your system when you install freeware via the 'Express' or 'Typical option. The pop-up should not be trusted because it may lead you to install potentially harmful software or direct you to visit unsafe web...

Posted on February 27, 2015 in Browser Hijackers


The NexusBooster browser enhancer is classified by security analysts as adware infection that is being used by retailers as a marketing engine. The marketing materials by the NexusBooster adware may take the form of in-text hyperlinks to sponsored products and services, banners, ad boxes and pop-windows loaded with ads. You might wish to know that the NexusBooster adware can be found in free software installers promoted as a helpful app when you use the 'Advanced' or 'Custom' option. The ads by NexusBooster may appear related to your browsing activities because the NexusBooster adware can use tracking cookies. The NexusBooster adware may install a browser extension, a Browser Helper Object, and an add-on to facilitate its operations. Computer users can use a trusted anti-malware tool to remove the NexusBooster adware from their PC and secure their online browsing.

Posted on February 27, 2015 in Possibly Unwanted Program

MagnumDouble Ads

The MagnumDouble browser tool is perceived by security researchers as adware extension that can inject your web browser with many pop-up windows, banners, and ad boxes. Adware such as the MagnumDouble is deployed by using freeware setup files as vessels to deliver it to computer users. The MagnumDouble adware can take advantage of its browser integration and collect data about the content you engage and your favorite websites in order to generate tailor-suited ads. Computer users can be noted that the MagnumDouble adware may display ads linking to unsafe online locations and caution is advised. Moreover, the MagnumDouble adware may slow down your web browser and cover your browser surface with many ads. If you are experiencing ads by MagnumDouble, you can employ the services of a reliable anti-spyware tool to clean your system.

Posted on February 27, 2015 in Possibly Unwanted Program

Fiber.js Script Error Pop-Up

Computer users that are infected with adware may be notified with a 'Windows Script Host' pop-up referring to the failure of executing the 'fiber.js' JavaScript. You might want to know that errors connected to 'fiber.js' are symptoms of adware infection on your PC. Security researchers note that the 'fiber.js' file may contain code that can be used by adware to follow your clicks around the web and collect data about your preferred websites. Adware may use such information to display targeted advertisements in banners, pop-up windows and ad boxes. Computer users can be noted that adware often arrives on computers by incorporating with free software installers. If you are presented with a 'Fiber.js Script Error' pop-up notification you might want to use a trusted anti-spyware utility to scan your system and resolve possible adware infections.

Posted on February 27, 2015 in Browser Hijackers

ContradePlatform Ads

The ContradePlatform software is classified by security analysts as adware that is created to serve as an advertisement platform. The ContradePlatform adware is used to deploy marketing content in the web browser of infected users. Also, the ContradePlatform adware may keep track of your online search queries in order to show targeted ads in the form of banners, pop-ups, and pop-unders. The ContradePlatform adware is known to accompany freeware installers as an extra tool that is automatically installed via the 'Express' or 'Typical' option. The ContradePlatform adware may create a key in Windows registry to start with your web browser, and it may use an add-on to perform its operations. You can be noted that the ads by ContradePlatform may not feature safe content and clicks on advertisements by the ContradePlatform adware are not advisable. Adware such as the ContradePlatform can be...

Posted on February 27, 2015 in Possibly Unwanted Program

GovernorInspector Ads

The GovernorInspector program may appeal to users by offering security features, but you might want to know that it is deemed by security experts as adware that can push numerous advertisements inside your web browser. The GovernorInspector adware may integrate with your browser by installing a Browser Helper Object, an add-on and a browser extension. Adware such as the GovernorInspector often travels in the company of free applications that many users install via the 'Express' or 'Typical' option. The GovernorInspector adware infection can collect data about your online habits and preferred web pages in order to present you with related advertisements. The ads by GovernorInspector may take the form of banners and ad boxes, and you may want to remember that adware does not follow safety policies regarding the ads being displayed. Clicks on ads by GovernorInspector may lead you to...

Posted on February 27, 2015 in Possibly Unwanted Program


The HopToShop software can be downloaded from its official website as an online shopping tool and can be automatically installed by handling freeware bundles with the 'Express' or 'Typical' option. Security researchers note that the HopToShop app is considered as adware that may slow down their web browser and display many marketing materials in the form of banners, pop-ups, contextual and transitional ads. Users may be interested to know that the IP address of HopToShop's website is associated with other adware used to generate pay-per-click revenue. Also, you may want to remember that adware such as the HopToShop may not display safe content, and possible harmful software might be promoted to you. Malicious third parties can partner with adware developers to target active online buyers for profit. Computer users infected with the HopToShop adware can seek the help of...

Posted on February 27, 2015 in Adware


Fraudulent emails supposedly sent by the Microsoft Volume Licensing Service Center have been plaguing corporate users, in an attempt to make them believe that they have earned permission to handle volume licenses. If the victims linger the mouse over the email's URL, they will be directed to a corrupted WordPress server where a malware called Chanitor is concealed. The Chanitor malware may release other threats including the Vawtrak banking Trojan. Chanitor is a very resourceful malware, since the noticeable elements of its tactic have a genuine appearance; its coding is well-done and its threatening file will disappear very quickly after its introduction. Chanitor servers are based on the Tor anonymity network which turns its detection and removal a very hard task.

Posted on February 27, 2015 in Trojan Downloader


The Shoponi browser tool may claim that it can help you discover exclusive online deals, but you may wish to know that it is adware. Security experts note that the Shoponi adware functions as a private ad network of adware developers who use Shoponi to earn pay-per-click revenue. The Shoponi adware can be found as an extra tool in freeware bundles when you explore the 'Advanced' or 'Custom' option. The Shoponi adware may appear as a Browser Helper Object in Internet Explorer, a browser extension in Google Chrome and as an add-on in Mozilla Firefox. The Shoponi adware can inject web pages with in-text hyperlinks to sponsored products, display pop-up ads and banners that may clutter your web browser. Also, the Shoponi adware can read your bookmarks and browsing history to determine what type of ads may interest you. Computer users that highly value their online privacy may not welcome...

Posted on February 27, 2015 in Adware

POODLE Malware

The POODLE vulnerability refers to a security flaw that can allow cybercriminals to conduct a man-in-the-middle attack. The POODLE bug allows the execution of attacks on web browser-based communication between clients and servers that use the Secure Sockets Layer (SSL) encryption. The Transport Layer Security (TLS) is the preferred encryption for communications, but Mozilla Firefox and Google Chrome are known to use SSL when TLS is not available. Therefore, they are exposed to exploits in this manner. Cyber attackers could monitor Wi-Fi hotspots and decrypt HTTPS encrypted traffic that can allow them to corrupt the data exchanged between two or more communicating devices. Security experts conclude that the POODLE flaw could grant hackers the opportunity to send malware to numerous computers, tablets, and smartphones. However, web giants such as Google and Mozilla have released patches...

Posted on February 27, 2015 in Malware
1  2  3  4  5  6  7  8  9  10  11  12  Next     Total items: 13266