Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

LaSuperba

LaSuperba may be associated with numerous problems that may be caused by PUPs (Potentially Unwanted Programs). LaSuperba may interrupt the computer users' activities when browsing the Web and cause performance problems on affected Web browsers. LaSuperba is linked to an adware that may affect most commonly used Web browsers on the Windows operating system, including Internet Explorer, Mozilla Firefox and Google Chrome. LaSuperba advertisements may take the form of irritating pop-up messages that make it very difficult to use the affected Web browser. In most cases, removing adware associated with LaSuperba will stop LaSuperba advertisements from appearing on affected Web browsers. However, most adware infections do not come alone; the presence of one adware component may indicate the presence of others, all of which may be connected with LaSuperba and similar unwanted content....

Posted on August 31, 2015 in Adware

VirLock Ransomware

Screenshot

The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware

Screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware

Screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar

Screenshot

MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the MyStart.Incredibar.com website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware

Screenshot

ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Live Security Platinum

Screenshot

Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer

Screenshot

DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

GamerHippo

GamerHippo is a Potentially Unwanted Program (PUP) that may have a negative impact on the performance of your Web browsers. This questionable software may generate all kinds of commercial materials. Shortly after GamerHippo attaches to Google Chrome, Mozilla Firefox and Internet Explorer, you may encounter intrusive video ads, pop-ups, banners, in-text ads or page-covering interstitial ads. The majority of users report that the offers and discounts by GamerHippo may be unreliable. The sponsored links may cause substantial annoyance or functionality issues. GamerHippo may be deployed to your system by third-party freeware. This delivery mechanism is known as bundling. It is especially efficient for those PC users who click on the 'I agree' buttons without reading the text. The recommendation of the specialists is to use the 'Advanced' (or sometimes 'Custom) menu to install cost-free...

Posted on June 24, 2016 in Possibly Unwanted Program

SuperBrowser

SuperBrowser is not a Web client that you should trust. SuperBrowser is a Potentially Unwanted Program (PUP) that may make your surfing sessions unenjoyable. SuperBrowser is created on the Chromium platform, which offers the source codes of Google Chrome to all enthusiasts for free. This engine can be very helpful to people with limited knowledge in computers, and want to create their own browsers. You will not have to write all of the codes yourself. Unfortunately, many people may abuse this platform and use it to take advantage of unsuspecting PC users. If you are not vigilant, you may install SuperBrowser without knowing. Its developers may rely on the bundling method for its distribution. The questionable software may come in combination with freeware. If you read the details carefully and perform the installation process via the 'Advanced' menu, you can keep SuperBrowser away....

Posted on June 24, 2016 in Possibly Unwanted Program

TZip

TZip is a controversial application for compression of files, which the experts define as a Potentially Unwanted Program (PUP). It is not advisable to install this tool without knowing all of its aspects. As it appears, TZip can achieve its main purpose. You should be able to modify the size of files with various extensions, including .zip, .rar, tar.gz, .tar.bz2, etc. It is not expected to encounter errors or glitches if you attempt to compress or decompress such files. The main reason for the negative user feedback concerns the fact that TZip may cause changes to the Web clients. This software is ad-supported so that TZip may include various commercial materials. Some PC users may feel as if this is a fair deal because the license of the product is free. However, there are numerous alternatives that can achieve the same functionality without the need to include pop-ups and banners....

Posted on June 24, 2016 in Potentially Unwanted Programs

Thousands of US Military Personnel Records Leaked on Dark Web by Ghost Squad Hackers

Hackers are known for their relentless efforts in causing utter chaos over the Internet whether it is their actions of attacking a web server belonging to a large company or government entity, or compromising massive amounts of data and later spilling it over the Dark Web . Unfortunately, the latter has taken place dropping thousands of US Military personnel records over the Dark Web revealing service member's names, phone numbers, addresses, emails, age, gender, and income. The hacker group responsible for the recent compromise and spill of Military personnel data was found to be the Ghost Squad group, which have outwardly made their actions known over Twitter. The OpSilence campaign is part of the hacktivist movement initiated by the Ghost Squad Hacker group during the beginning of June 2016. A the time, the group made it clear that they were against mainstream media sites due...

Posted on June 24, 2016 in Computer Security

Searchonlineusa.com

Citizens of USA and English-speaking users around the world may be offered to install the Search USA Online search enhancer. The Search USA Online application is developed by InfoSpace, LLC. that is known for deploying browser hijacking software. You may install the Search USA Online app along with other freeware such as the Zoo Toolbar and DoReMe . The Search USA Online app may appear as a browser plug-in, add-on, extension and Browser Helper Object. The Search USA Online search enhancer is designed to make modifications to Google Chrome, Internet Explorer, Opera and Mozilla Firefox. The Search USA Online app is programmed to redirect users to Searchonlineusa.com and provide customized search results that are suited to English-speaking users. The engine on Searchonlineusa.com is based on Webcrawler.com and is coded with additional functionality. The Search USA Online program...

Posted on June 24, 2016 in Browser Hijackers

GamesZing Ads

The GamesZing extension may be offered to you as a way to load premium games from Gameszing.com in your browser without paying a dime. The GamesZing extension may allow you to play entertaining games like WrestleMania and Drag Race, but it may not be a safe application. Security experts looked into the GamesZing extension and its official site Gameszing.com. The analysis revealed that the GamesZing extension is a modified version of the Gamevance adware and is connected to other adware including Games Charm and Kozzoo . The GamesZing adware may change your new tab and homepage settings to load promotional materials from merchants and welcome you to make purchases on less-reputable online stores. The GamesZing adware is designed to invoke users to click on discounts, coupons, and vouchers by using audio and video commercials, banners, and pop-up windows. The GamesZing adware may...

Posted on June 23, 2016 in Adware

TapBreaker Ads

Computer users that want to build a custom gaming center that is similar to Steam and Battlenet without programming knowledge may be interested in installing the TapBreaker software. The TapBreaker software is a browser extension that can allow users to compile custom packs of games on Tapbreaker.com and add shortcuts to games on their PC. The TapBreaker extension is compatible with Google Chrome, Mozilla Firefox, Opera and Internet Explorer. You can download and install the TapBreaker software from Tapbreaker.com and may notice it in freeware bundles under the 'Advanced' and 'Custom' option. The TapBreaker program is designed to modify the new tab page of your browser and host the game packs you create. However, the TapBreaker extension is supported by advertisements, and you may experience many pop-up ads on Amazon and video commercials on YouTube. Security investigators reveal that...

Posted on June 23, 2016 in Rogue Anti-Spyware Program

QuickPhotoEdit Аds

The QuickPhotoEdit software is advertised as a free photo editing tool for your new tab page. Computer users that are not confident in their skills on Adobe PhotoShop and similar image manipulation tools may be interested in installing the user-friendly QuickPhotoEdit appreciation. You can find the QuickPhotoEdit extension on Free.Quickphotoedit.com or may install it as a component to a freeware package. The QuickPhotoEdit application is licensed under the GNU General Public License and is published by the infamous Mindspark Interactive Network, Inc. Mindspark may lead users to believe that the QuickPhotoEdit app is a safe alternative to the discontinued project Picasa by Gooogle Inc. The QuickPhotoEdit extension may be listed on your 'Control Panel' as QuickPhotoEdit by MyWay and appear in your browser as an add-on, extension, plug-in, and Browser Helper Object depending on your...

Posted on June 23, 2016 in Browser Hijackers

Zimbra Ransomware

The Zimbra Ransomware is a specialized Encryption Trojan that is designed to compromise the Zimbra enterprise collaboration software and encrypt all files stored in the Zimbra email storage. The Zimbra cryptomalware runs as a Python script that is easily modified and can load modules from remote servers. Security researchers suspect that the Zimbra cryptomalware is introduced into the Zimbra framework via a compromised server. The Zimbra Ransomware is similar to FessLeak and PowerWare . These threats do not require a psychical body to run and work as in-memory processes. Moreover, the Zimbra Ransomware may damage major OS platforms including Linux, Windows, and Mac. The Zimbra Ransomware uses the RSA and AES encryption methods to encode all files that reside within the Zimbra email repository. The Zimbra Ransomware can alter the header of any file regardless of its size and make...

Posted on June 23, 2016 in Ransomware

Carbonite Online Backup Service Resets User Passwords Due to Cyber Attack

Online backup services are a sure bet for safeguarding your computer's data with a proper backup, whether it is a Mac or Windows PC. Unfortunately, hackers are taking aim at many online services, one being the Carbonite online backup service, which decided to reset all user passwords due to a large scale ATO (account takeover) attack. Just this week, the GoToMyPC service suffered a cyber attack that forced remote access service to have users reset their passwords. Virtually identical to the ATO attack that took place at GoToMyPC, Carbonite has succumbed to the same fate that resulted in the company taking precautions to prevent infiltration of user accounts by forcing everyone to reset their login passwords. Brute-force attacks, or cyber attacks that attempt to log into multiple user accounts through previously compromising other related online account login credentials, are...

Posted on June 22, 2016 in Computer Security

FunMediaTab Ads

The FunMediaTab browser extension by Imali Media Ltd. is promoted on Funmediatab.com as been a better alternative to software like Kodi, Plex and Emby. The FunMediaTab browser extension may attract users that seek a lightweight application that does not require extensive configuration by the user to work properly. The FunMediaTab software will integrate into your browser and change your new tab page design and search provider settings. The FunMediaTab extension might change your search aggregator to Search.Funmediatab.com and redirect you to a custom version of Yahoo that is laid with many ads and sponsored links. You might experience pop-up windows that are titled 'Presented by FunMediaTab' and you may be welcomed to buy products from less-reputable sites while shopping on Amazon and Best Buy. Security experts reveal that the FunMediaTab browser extension is adware and is a modified...

Posted on June 22, 2016 in Adware

Liodsefboxons.ru

The Liodsefboxons.ru domain is associated with a browser hijacking application that may have arrived on your system as a browser add-on, plug-in, Browser Helper Object and extension. The browser hijacker linked to Liodsefboxons.ru may travel in free software packages that include riskware like the Dynamic Pricer and the FastAgain PC Booster . Security analysts report that the Liodsefboxons.ru browser hijacker is designed to be compatible with the most used browsers and perform redirects via Trapfleiyb-mz.ru. The browser hijacker at hand connects to Liodsefboxons.ru, which acts as an access point and then loads Trapfleiyb-mz.ru that is a redirect-gateway to more than twenty sites and a dozen advertisers. The Liodsefboxons.ru browser hijacker may use information like your recently visited pages to determine what page to load and which promotions should be provided to your attention....

Posted on June 22, 2016 in Browser Hijackers

Kozy.Jozy Ransomware

Malware researchers report a surge in the development of ransomware that can delete the Shadow Volume Copies. Therefore, users need to be mindful of the Kozy.Jozy Ransomware. The playful name of the Kozy.Jozy malware is derived from the kozy.jozy@yahoo.com email provided to its victims for contact. The Kozy.Jozy Ransomware is an encryption Trojan that is similar to BitCryptor and CryptoDefense and can prevent data restoration via the Shadow Volume Service in Windows. Initial analysis suggests that the Kozy.Jozy Ransomware is a product of Russian-speaking developers, and it appears to target users that have IPs corresponding to countries where Russian is spoken. The Kozy.Jozy Trojan is deployed to users via links on forums, malvertising, and spam mail. That way the Kozy.Jozy Ransomware can be delivered to hundreds of thousands users as opposed to using a spam bot only. The...

Posted on June 22, 2016 in Ransomware

CryptoRoger Ransomware

Security investigators report that macro-enabled documents attached to spam email are used to deploy the CryptoRoger Encryption Trojan among users that work with invoices, CVs, and reports on a daily basis. The coders behind the CryptoRoger Ransomware seem to employ social engineering and target users that need to process many documents from unknown senders to increase their chances of compromising PCs successfully. Unfortunately, hospitals and NGOs that may fall victim to the CryptoRoger Ransomware can deny access to data. The CryptoRoger Trojan might use JavaScript to input commands directly into Windows and hide its presence. The CryptoRoger Trojan is designed to begin encrypting files on next system reboot to make it harder for security experts to determine the infection vector. Additionally, the CryptoRoger Trojan can request instructions from its operators on how to proceed with...

Posted on June 22, 2016 in Ransomware

Negozl Ransomware

The NegozI Ransomware is an Encoding Trojan that is used to lock the data of users and direct them to send 5 Bitcoins to a predefined wallet address. For your information, 5 Bitcoins are equal to $3,300 which is a small fortune for most users and small businesses. The NegozI Ransomware is a severe cyber threat to individual users and poorly configured networks, but it is not on the same level as the KimcilWare and the Dr Jimbo Ransomware . It appears that the malware actors behind the NegozI Ransomware cannot limit their greed and might use spam bots, malicious links, compromised chat accounts, and fake software updates to spread the NegozI Trojan among as many users as they can. Apart from the absurd ransom demand and strange name, the NegozI Ransomware is nothing special under the hood. The NegozI Ransomware uses one of the preferred encryption algorithms that is AES-256 to...

Posted on June 22, 2016 in Ransomware
1 2 3 4 5 6 7 8 9 10 11 1,065