Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,100,214 3%
2 Conduit Search/Toolbar 1,510,800 2%
3 PUP.SupTab 1,104,594 4%
4 PUP.SuperWeb 908,846 3%
5 PUP.InstallCore 902,936 2%
6 PUP.Optimizer Pro 891,472 2%
7 Adware.Multiplug/Variant 881,053 4%
8 Iminent Toolbar 751,427 3%
9 PUP.CrossRider 646,058 5%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Chaos Ads

Peculiar ads by Chaos in your Web browser may pique your interest, and you may want to know that you are infected with adware. There is nothing chaotic about the Chaos adware, and it functions orderly just like the TTinline and the UniDeals adware do. The Chaos adware may have entered your computer as a browser add-on embedded with a free program installer that most users handle with the 'Typical' or 'Express' option. The Chaos adware does not differ greatly from its kindred programs and may use session cookies, DOM storage data, read your bookmarks and detect your approximate geographical location to show targeted marketing materials. The Chaos adware can conduct behavioral marketing and users may be offered to install apps like RambleRoam and see many coupons, discounts, and special deals. The Chaos adware-powered add-on may use pop-up windows and banners to deliver marketing...

Posted on July 31, 2015 in Adware


Computer users that are presented with messages from the domain about installing a new version of a Flash player should be distrustful. Security investigators report that the domain is associated with a browser hijacker that travels embedded with freeware packages and shows pop-up windows and changes your home page. The browser hijacker is dispersed among users in order to generate pay-per-install revenue for its creators. The pop-ups may claim to promote an update to your Flash player, but the legitimate Adobe Flash software has a built-in updater that will not show pop-ups in your browser. Moreover, the software on is a download manager that may introduce programs like SpeedAnalysis3 , Registry Cleaner Pro and Search...

Posted on July 31, 2015 in Browser Hijackers

Beagle Browser

The Beagle Browser is deployed to users in freeware packages as an easy--to-use Web browser that provides a clean and safe environment for browsing the Internet. The Beagle Browser is based on the open source project Chromium used by Google and claims to be fast and secure. However, you might want to know that the Beagle Browser is developed by Lollipop Network, S.L. that have spread the Lollipop - Best Deals adware. They used the Lollipop adware to earn affiliate revenue by pushing ads in your Web browser. Security researchers recognize the Beagle Browser as a Potentially Unwanted Program (PUP) with adware capabilities. You should keep in mind that the Beagle Browser from Lollipop Network, S.L. will use web beacons, HTTP and Flash cookies, DOM storage data and record your download history to display related advertisements. Security investigators note that the Beagle Browser will...

Posted on July 31, 2015 in Adware

Shopper For Torch Ads

The Shopper For Torch browser extension from Shopper For Torch Ltd. is promoted as a tool that will enhance your shopping experience on websites like Walmart, Best Buy, eBay, and Amazon. The Shopper For Torch browser extension can be automatically installed on your PC when you install a freeware bundle via the 'Express' or 'Typical' option. You should note that the Shopper For Torch extension functions as a redirect-gateway to content by third parties and your interaction with its ads is entirely at your risk. Security analysts perceive the Shopper For Torch extension as adware that may redirect you to harmful domains and suggest you to install riskware like BatBrowse and Spark Cast . The Shopper For Torch adware is built on the Crossrider development platform and is compatible with Google Chrome, Internet Explorer, Opera and Mozilla Firefox. The Shopper For Torch adware may use...

Posted on July 31, 2015 in Adware

DeskBar Toolbar

PC power users may be intrigued to install the DeskBar Toolbar because it claims to improve their search capabilities online and on their computer. The DeskBar Toolbar is developed by Blue Labs, LLC as an advanced search tool and can be downloaded from and acquired via free software packages. The DeskBar software functions similarly to the Desktop Search program from Unique Solutions, but uses the Bing engine instead of Google while placing a toolbar at the top of your desktop as well. Security experts warn users that the DeskBar toolbar by Blue Labs is supported by advertisements, and you should expect to see contextual and transitional ads, pop-up windows and banners brought by DeskBar. Therefore, the DeskBar toolbar is deemed as a Potentially Unwanted Program that may obstruct your Intent activities by displaying many ads and slowing down your Internet browser. The...

Posted on July 30, 2015 in Possibly Unwanted Program

PriceItDown Ads

The ads powered by PriceItDown that appear in your Web browser are generated by adware that is using the services of the OffersByContext ad network to earn affiliate revenue for its creators. You may have installed the PriceItDown adware by handling a freeware package with the 'Express' or 'Typical' option automatically. The PriceItDown adware is designed to load contextual advertisements based on what content you engage in order to maximize its efficiency. The PriceItDown adware is cross-compatible and might load customized marketing materials on banners, inline ads, full-page ads, and pop-up windows. As stated above, the PriceItDown adware uses the service of OffersByText to deliver promotions and will employ session and persistent tracking cookies, DOM storage data, record your search keywords and download history. Computer users infected with the PriceItDown adware will see...

Posted on July 30, 2015 in Adware

Tortuga Browser

The Tortuga Web browser from ClaraLabs S.A. is a custom build of the open source project Chromium deployed to users as a fast and secure Internet client. The Tortuga browser can be downloaded from its official web page, but most of its installations are achieved through bundling with third-party software. You should know that the ClaraLabs S.A. company developed the BoBrowser Web browser hijacker and the Unico Browser riskware. You should always install software via the 'Custom' or 'Advanced' option to avoid the installation of adware and riskware like GoGoGo Radio and Info Seeker . Security analysts note that the Tortuga Web browser is supported by advertisements that will replace the native ads you have seen on online stores like Amazon, eBay, and Best Buy. Additionally, the Tortuga browser may place banners, coupons and discounts from sponsors on non-affiliated websites. The...

Posted on July 30, 2015 in Possibly Unwanted Program

CryptPKO Ransomware

Malware investigators report that there is a new cryptomalware on the scene named CryptPKO that can encrypt video, text, and audio files and add 'i8xmgq' to the file extension. The CryptPKO cryptomalware is deployed via spam mail referring to PayPal and purchases made on Amazon and eBay. The CryptPKO ransomware is designed to encrypt your files, edit your Windows Registry and present you with a ransom note in the form of a simple TXT file entitled 'HOW TO DECRYPT FILES.' The note of the CryptPKO ransomware says: "Attention !!! you broke the law !! all your files are encrypted !!" and directs users to visit a website for instructions how to pay the ransom. However, the website is not working, and PC users are directed to write to and negotiate the terms for receiving a decryption key. Malware investigators note that the CryptPKO ransomware is a variation of the...

Posted on July 30, 2015 in Ransomware

RightTabs Ads

The ads by RightTabs are not related to a helpful browser extension to manage your opened tabs but to adware that is designed to subject users to a constant stream of commercials. The RightTabs adware travels incorporated with free program installers and can be noticed under the 'Custom' or 'Advanced' option. The RightTabs adware may have placed its files in the "Application Data" folder to evade early detection. Also, it may have edited your Windows Registry to be listed as a start-up program when you log-on to your PC. The RightTabs adware may use web beacons, tracking cookies, detect your approximate geographical location and read your browsing history to show related advertisements. Security investigators point out that the commercials from adware such as RightTabs, Funpop and Rugo are not safe, and you might be redirected to untrusted domains and insecure online stores....

Posted on July 30, 2015 in Adware

ZoomyLib Ads

Security researchers classify the ZoomyLib binary as adware that is dedicated to generating pay-per-click revenue for its developers. The ZoomyLib adware comes from the same people behind the PennyBee adware, and its most notable trait is the display of coupons and discounts. However, the ZoomyLib adware could present infected users with pop-up and pop-under windows that offer users to install riskware like 24×7 Help and Deja Data to earn pay-per-install revenue. The ZoomyLib adware may utilize banners and floating ads to deliver more marketing materials and may cover your browser surface with ads. The ZoomyLib adware is built on the Crossrider Framework and can work with Mozilla Firefox, Google Chrome, and Internet Explorer. The ZoomyLib adware is deployed bundled with freeware programs that users carelessly handle with the Express' or 'Typical' option. Security researchers...

Posted on July 30, 2015 in Adware

Encryptor RaaS

The Encryptor RaaS malware is a Ransomware Development Kit promoted on the Dark Web and hosted on the TOR network. It seems to be a successor to a cryptomalware building kit named Tox that introduced the idea of ransomware development becoming a service. RaaS stands for 'Ransomware as a Service’, which related to the fact that its developers offer it to operators of botnets as a tool to create custom-made ransomware in exchange for 20% of the realized profits. The developers of the Encryptor RaaS malware allow cyber criminals to input their ransom demand, late payment requirements and a time marker to distinguish a late payment from an immediate one. The Encryptor RaaS cryptomalware can be delivered via ZIP attachments to spam emails, trojan downloaders like Poison and exploit kits like Styx and Neutrino The victims of the Encryptor RaaS custom-made ransomware are presented...

Posted on July 30, 2015 in Ransomware

‘’ Pop-Ups

Web surfers that experience pop-up windows from may want to know that their computer is infected with a browser hijacker that promotes bogus computer assistance. The browser hijacker edits your Internet client settings so that it loads the content on every time you start an online session. Moreover, the messages on are displayed with JavaScript and users will not be able to close them unless they assess the Windows Task Manager and kill the Web browser process. Security researchers note that the pop-ups are accompanied by an audio recording of a female voice suggesting that your PC is affected by viruses, spyware and urges users to call 888-973-8415 to receive help. Also, the pop-ups may resemble the BSOD seen on critical system failures to claim credibility. Computer users presented with the...

Posted on July 29, 2015 in Adware

‘’ Pop-Ups

Security investigators report that the domain is recognized as malicious, and users should abstain from interaction with its content. The domain is associated with several types of cyber threats such as browser hijackers, trojans, rogueware, and adware. Users who prefer the 'Express' or 'Typical' option of freeware installers may allow a browser hijacker to be installed as well and experience pop-ups by The pop-ups contain links to phishing web pages and threats like SavePass , Kazy and ThinkPoint . The pop-up windows can take different forms depending on what Web browser you use, but all versions will lead the users to a small window that appears to resemble a Windows 7 program window. The fake program windows on suggest that an Adobe Flash Player Update is...

Posted on July 29, 2015 in Browser Hijackers

‘’ Pop-Ups

Security authorities alert users that the domain is associated with a browser hijacker that changes your homepage and shows pop-ups. The browser hijacker in question is programmed to present infected users with the content on and direct them to call supposedly certified technicians on the toll-free phone number 1844-499-3631. Needless to say, the aren't legitimate technical support services that would use browser hijacking software to promote their expertise. The fake technicians associated with may attempt to convince users to purchase a license in order to assist them in removing potential threats, and computer users may become victims of financial fraud and data theft. You should dial 1844-499-3631 and follow instructions on the pop-up windows. The browser hijacker mentioned...

Posted on July 29, 2015 in Browser Hijackers

Cool Popular Games Toolbar

The Cool Popular Games Toolbar is deployed by the infamous Mindspark Interactive Netowk, LLC. as a toolbar for your web browser that can turn your opened new tabs into gaming centers. The Cool Popular Games toolbar may provide you with access to arcade, puzzle, and classic games, but its main objective is to show ads and divert web traffic to The Cool Popular Games toolbar can be download from its official web page, but most of its installations are performed through third-party installers. The Cool Popular Games toolbar is considered to be adware and users should avoid installing it. Security investigators point out that the Cool Popular Games adware-powered toolbar has versions for Google Chrome, Mozilla Firefox, and Internet Explorer but is banned from the Chrome Web Store and the Firefox store. You should note that the Cool Popular Games adware will limit your search...

Posted on July 29, 2015 in Browser Hijackers
1 2 3 4 5 6 7 8 9 10 11 951