Track Global Malware Trends
View the trending of malware based on the "detection count" reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Spam Alert: Phishing Email Scam Titled ‘Bank of America Alert: Account Suspended’
We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...
Top 5 Popular Cybercrimes: How You Can Easily Prevent Them
Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles , the days of robbing...

Top Articles

Play-bar.net

The Play-bar.net search aggregator is similar to Ultimate-search.net , and it is a questionable service that is promoted by a browser hijacker. The Play-bar.net site is operated by Blisbury LLP and features a small search bar, a weather forecast in the top right corner and a clock widget in the top left corner. Additionally, the Play-bar.net site may offer users to play Adobe Flash games on online gaming platforms like Princess Games , GamesRockit and TikiArcade . The browser hijacker related to Play-bar.net is written with the purpose of diverting the Internet traffic of infected users to Play-bar.net and earn affiliate revenue. The Play-bar.net browser hijacker may modify your DNS settings and change your default search aggregator, homepage and a new tab to Play-bar.net. The Play-bar.net browser hijacker might edit your Windows...

Posted on October 14, 2015 in Browser Hijackers

Cerber Ransomware

The Cerber Ransomware is a ransomware infection that is used to encrypt the victims’ files. The Cerber Ransomware adds the extension CERBER to every file that the Cerber Ransomware encrypts. After the Cerber Ransomware has encrypted some of the files of the victim, the Cerber Ransomware demands the payment of a ransom in exchange for the decryption key. According to Cerber Ransomware’s ransom note, computer users have one week to pay the ransom amount before this amount is doubled. As the Cerber Ransomware encrypts the victim’s files, it creates TXT, HTML, and VBS files named ‘DECRYPT MY FILES’ with instructions on how to pay the Cerber Ransomware’s ransom. These files are dropped on every folder that contains files that were encrypted by Cerber Ransomware. According to these ransom notes, the...

Posted on March 4, 2016 in Ransomware

Cerber3 Ransomware

The Cerber3 Ransomware is a new version of a well-known ransomware Trojan. The Cerber Ransomware Trojan now uses a slightly different method during its attack. The main difference is that the files infected by the Cerber3 Ransomware can be identified through the use of .CERBER3 as the extension that identifies the files that have been encrypted in the attack. PC security analysts had observed a Cerber2 variant of this attack previously. This numbering system may indicate new versions of software, and threats are no exception. The appearance of the Cerber3 Ransomware indicates that the Cerber ransomware family is being developed and updated currently. The Cerber3 Ransomware was discovered recently, around the end of August of 2016. The Cerber3 Ransomware presents minor differences from previous versions of this threat. However,...

Posted on September 1, 2016 in Ransomware

DNS Unlocker

The DNS Unlocker is adware that has caught the attention of PC security researchers. Many computer users have been using programs like the DNS Unlocker to bypass region-locking components in online applications. The DNS Unlocker, in particular, has been advertised as a way for computer users to access Netflix for regions outside of their location. PC security analysts strongly recommend against this approach. There are numerous applications available that supposedly allow computer users to modify their IP or connect to certain websites that are blocked for certain regions. However, this is a common way for adware developers to distribute their low-level and mid-level threats. In several situations, it may be better to avoid using these types of components or looking for reputable options even if they are slightly more expensive than...

Posted on June 15, 2015 in Adware

Tavanero.info

Tavanero.info is a bogus search engine that is associated with a PUP (Potentially Unwanted Program). Tavanero.info attempts to mimic the look and feel of the Google search engine to mislead computer users. Tavanero.info uses the Google logo colors in its layout and even includes the term ‘GoogleTM Custom Search,’ despite the fact that Tavanero.info has no affiliations with Google. Tavanero.info should be considered for what it is, a bogus search engine that may be used to expose computer users to potentially harmful online advertisements and content. There is no legitimate connection between Tavanero.info and Google, despite this fake search engine’s claims. Tavanero.info is linked to a type of PUP known as a browser hijacker, mainly because these components may be used to hijack the computer users’ Web...

Posted on September 6, 2016 in Browser Hijackers

Tech-connect.biz

If Tech-connect.biz start appearing as your homepage and search engine, this means that your computer is housing a browser hijacker. Then you wonder how it could have happened if wasn’t you who introduced Tech-connect.biz on your machine. The answer is very simple; browser hijackers may be part of the installation of a free software you downloaded from the Web recently. This is a well-used method since the computer users may be in a hurry when installing the free program they need and instead of choosing ‘Advanced’ or ‘Custom,’ used the quickest installation method, skipping its EULA and additional details, giving the browser hijacker, adware, and PUPs, the permission to be installed unknowingly. Although not threatening, Tech-connect.biz may cause a series of inconveniences to the computer users, such as...

Posted on September 15, 2016 in Browser Hijackers

Antivirus Security Pro

Antivirus Security Pro screenshot

Antivirus Security Pro is a rogue security application that belongs to a large family of rogue security software known as . Antivirus Security Pro is a fake security program that is disguised as a legitimate anti-virus application. Antivirus Security Pro does this by displaying false positives and bogus security warnings on the victim’s computer. There are several ways in which criminals distribute Antivirus Security Pro, including malicious attack websites and spam email messages containing malicious attachments. Security analysts consider that Antivirus Security Pro presents a threat to your computer. Because of this, ESG security researchers strongly recommend that computer...

Posted on August 22, 2013 in Rogue Anti-Spyware Program

Zepto Ransomware

The Zepto Ransomware is a variant of the Trojan Locky Ransomware . The Zepto Ransomware is designed to infect all versions of the Windows operating system, from Windows XP all the way to Windows 10. Ransomware Trojans like the Zepto Ransomware are especially threatening because, even if removed, the victim’s files will still be inaccessible. Essentially, the Zepto Ransomware takes the victim’s files hostage, encrypting them and demanding the payment of a ransom to decrypt them. Since the files encrypted by the Zepto Ransomware are impossible to recover without access to the decryption key, PC security analysts advise that computer users take immediate preventive measures to avoid becoming victims of this and similar ransomware Trojan attacks. When the Zepto Ransomware is installed on the victim’s computer, it...

Posted on June 29, 2016 in Ransomware

CryptoLocker Ransomware

CryptoLocker Ransomware screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim’s files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim’s computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user’s files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from...

Posted on September 11, 2013 in Ransomware

CryptoWall Ransomware

CryptoWall Ransomware screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

RelevantKnowledge

RelevantKnowledge screenshot

RelevantKnowledge is software that exists in a moral grey area. RelevantKnowledge is widely considered spyware, because RelevantKnowledge will collect huge amounts of information about your Internet usage, and then use that information to put together even more information about you. That information is then sold, anonymously, either individually or as part of aggregate data. Given the way that RelevantKnowledge is installed on most computers, it is unlikely that most of those users are fully aware of the facts about RelevantKnowledge. RelevantKnowledge is a product of the company MarketScore, formerly called Netsetter. MarketScore developed and uses RelevantKnowledge in order to...

Posted on April 8, 2005 in Adware

From Doc to Pdf Toolbar

From Doc to Pdf Toolbar is an unwanted toolbar/ adware application, which is advertised via other freeware and shareware program downloads to benefit from this. From Doc to Pdf Toolbar modifies the default homepage with Home.tb.ask.com and the default search provider with Search.tb.ask.com. From Doc to Pdf Toolbar installs a Browser Helper Object (BHO) that might corrupt, Internet Explorer, Google Chrome or Mozilla Firefox. From Doc to Pdf Toolbar is used to increase web traffic and make a profit from deceptive advertising by using blackhat SEO methods. PC users should always pay attention while installing software products because often, a software installer carries optional installations, such as From Doc to Pdf Toolbar. From Doc to Pdf Toolbar infiltrates into the attacked computer using misleading tactics without the victimized PC...

Posted on July 24, 2013 in Malicious Toolbars

OnlineMapFinder

OnlineMapFinder is a potentially unwanted program (PUP) that may install a potentially unwanted Ask.com powered toolbar. As component of the download process for the toolbar, the PC user may be given the option to reset the default start page and/or reset the new tab window to an Ask start page and a new tab window. This may give related links and results when the computer user makes a search query in the Web browser address bar, or if his browser address (DNS) request is invalid, misspelled or incorrectly formatted. OnlineMapFinder may set a search box within the toolbar which may help the computer user search online with search results from its search results partner.

Posted on March 4, 2014 in Potentially Unwanted Programs

Elex Hijacker

The Elex Hijacker is a Web browser hijacker that may take over a Web browser, change its homepage and other settings and prevent computer users from restoring their Web browser to its default setting. The Elex Hijacker may be associated with a variety of other unwanted symptoms. The main reason that makes the Elex Hijacker is considered a browser hijacker is because its main purpose is to take over a Web browser to force computer users to view certain websites repeatedly and open new Web browser windows and tabs while the computer users attempt to use their computers. The Elex Hijacker is promoted as a useful Web browser extension or add-on. However, PC security researchers have determined that the Elex Hijacker does not offer any useful or beneficial service. Rather, the Elex Hijacker is designed to make money at the expense of...

Posted on December 12, 2015 in Browser Hijackers

Social2Search Ads

Computer users that favor social media when it comes to choosing a fast and reliable method for staying connect to their friends may be interested in the Social2Search software. The Social2Search program is advertised as ‘a social search engine that gives you access to the knowledge of your friends.’ In other words, the Social2Search software allows you to use a custom search engine at Social.search.com to browse content that your contacts like, share and upload to Facebook, Twitter, Instagram, Pinterest, LinkedIn and Google+. The Social2Search application works as a browser extension that might change your default search engine and homepage settings to customize your Internet experience. The idea behind the Social2Search extension may sound great, but you should avoid installing it. Security researchers reveal that the...

Posted on May 5, 2016 in Adware

CounterFlix

The Counterflix software is advertised as an application that can allow users to load geo-restricted content from services like Hulu, Pandora and Netflix. PC users that live in countries like India, China, and Russia, where Internet censorship applies may be interested in installing Counterflix. The services provided by Counterflix are available through the app and the modification of your DNS configuration. The setup page for Counterflix can be found at Counterflix.com and users will need to edit their system settings to install the Counterflix correctly. You should note that the Counterflix software is provided on an “As-Is” basis and you will not receive support from its developers. Unfortunately, the makers of Counterflix do not provide contact information like a Facebook page or a Twitter account, which you may need in case...

Posted on October 2, 2016 in Adware

Cerber 4.0 Ransomware

The Cerber 4.0 Ransomware represents the next generation in development of the ‘.cerber’ line of encryption Trojans. The Cerber 4.0 Ransomware joins other threats like the ORX-Locker and the Stampado Ransomware , which are offered as Ransomware-as-a-Service package. The RaaS business was pioneered by Encryptor RaaS in early 2015 and the developers of Cerber want a share of the market for ransomware. It appears that the coders behind the Cerber 4.0 Ransomware decided to open their product to foreign programmers and benefit from the expanded distribution network. The Cerber 4.0 Ransomware is said to boast several significant improvements compared to the Cerber v3 . The Cerber v4 creates a unique file extension marker for every victim, and the Trojan is programmed to bypass all security mechanisms employed by modern...

Posted on October 13, 2016 in Ransomware

‘.aesir File Extension’ Ransomware

The ‘.aesir File Extension’ Ransomware is one of the many variants of the Locky Ransomware Trojan that is being used in attacks against computer users currently. The ‘.aesir File Extension’ Ransomware is being distributed in a spam email campaign that uses fake emails from the Internet Service Providers (ISP) claiming that the victim’s computer is being used to send out spam email messages. Computer users, tricked by the message, may open an attached ZIP file that results in the the ‘.aesir File Extension’ Ransomware. The ‘.aesir File Extension’ Ransomware is a Locky variant that changes the files affected by the attack so that their extension becomes ‘.aesir.’ This is a continuation of a Locky variant family that references the Norse Mythology (a previous variant of...

Posted on November 22, 2016 in Ransomware

More Articles

Mynetspeed.co

The MyNetSpeed.co extension promoted on Mynetspeed.co is said to help users check their Internet speed and keep up with how their Internet Service provider performs. The MyNetSpeed.co extension is supposed to support Internet Explorer, Google Chrome, and Mozilla Firefox, which are widely used by Web surfers. The MyNetSpeed.co extension may make several changes to the user’s default Internet client, which include changing the homepage to Mynetspeed.co/homepage/homepage.html?id=11192 and modifying the new tab page to include widgets named ‘Speed Test by Ookla’ and ‘Fast.com powered by Netflix.’ The page on Mynetspeed.co/homepage/homepage.html?id=11192 features a clock based on your approximate location, which is determined by reading your IP address. Your new homepage offers access to Fast.com and...

Posted on December 9, 2016 in Browser Hijackers

Discretesearch.com

Security analysts report that the Discretesearch.com website is connected to a browser hijacker that may be released to PC users as a search helper included in free program bundles. The Discrete Search browser hijacker is promoted as a search add-on that can enable users to perform untraceable search tasks unlike the services provided by Google, Bing and Yahoo. While these services are safe, they use tracking cookies to analyze Web traffic and show advertisements that generate revenue and pay for server maintenance, staff and new features. Discretesearch.com claims to offer a search functionality without the tracking cookies, as well as incorporate a Perfect Forward Secrecy (PFS) technology. PFS allows better security compared to SSL connections because tokens used to encode your link are generated with each command on...

Posted on December 9, 2016 in Browser Hijackers

QuickWeatherAlert Toolbar

The QuickWeatherAlert Toolbar software is developed by Mindspark Interactive Network, Inc. and can be downloaded at Free.quickweatheralert.com. Web surfers that are using Google Chrome, Internet Explorer and Mozilla Firefox for their online activity can install the QuickWeatherAlert Toolbar for free. Mindspark does not charge users who install the QuickWeatherAlert Toolbar. The QuickWeatherAlert software is promoted to help users get local weather forecast including the forecast for parts of the country you are interested in. Data regarding weather is pulled by the QuickWeatherAlert Toolbar from several sources and arranged in news feed. The QuickWeatherAlert Toolbar is designed to introduce several changes to your browser, which include altering your new tab page. You may be urged to allow QuickWeatherAlert set a new homepage for...

Posted on December 9, 2016 in Possibly Unwanted Program

‘.VforVendetta File Extension’ Ransomware

The ‘.VforVendetta File Extension’ Ransomware is packed as a Trojan that you may come in contact when you enable a macro in documents downloaded from spam emails. The ‘.VforVendetta File Extension’ Ransomware is a version of the SamSam Ransomware , which we covered in an article in April 2016. The variant ‘.VforVendetta File Extension’ Ransomware may have been inspired from the movie ‘V for Vendetta’ from 2005, which introduced the Guy Fawkes mask worldwide and later became the symbol of the hacktivist group Anonymous. As its name suggests, the ‘.VforVendetta File Extension’ Ransomware is named after the marker placed on encrypted objects. For example, ‘Lockheed Martin F-22 Raptor.pptx’ is transcoded to ‘Lockheed Martin F-22 Raptor.pptx..VforVendetta’....

Posted on December 9, 2016 in Ransomware

‘_morf56@meta.ua_ File Extension’ Ransomware

The ‘_morf56@meta.ua_ File Extension’ Ransomware is an encryption Trojan that is named after the marker it uses to notify the users about the data encryption. The files affected by the ‘_morf56@meta.ua_ File Extension’ Ransomware feature the ‘_morf56@meta.ua_’ suffix appended after the default file extension. For example, ‘Essexite rock.docx’ will be encrypted to ‘Essexite rock.docx_morf56@meta.ua_’ and you may need to do another report on a silica-undersaturated mafic plutonic rock. The ‘_morf56@meta.ua_ File Extension’ Ransomware is a Trojan that is spread among Windows users via a spam campaign that carries macro-enabled documents. As you may know, the macro functionality in digital documents is abused by threat actors to deliver threats. Security researchers...

Posted on December 9, 2016 in Ransomware

Supermagnet@india.com Ransomware

The ‘Supermagnet@india.com’ Ransomware is a Trojan that is a variant of the Dharma Ransomware . The ‘Supermagnet@india.com’ Ransomware is named after the email left for negotiations between operators and users affected by the Trojan. Reports from users show that the distribution campaign for the ‘Supermagnet@india.com’ Ransomware is centered on using dummy spreadsheets that have an embedded macro. The content of the dummy spreadsheets that serves as a decoy and as a message to enable macro is placed on the top of the document. Users who are lead to open the spreadsheet may enable the macro functionality in their office clients and run the macro. Windows interprets the macro as a command to download and run an executable with elevated privileges. Researchers note that the...

Posted on December 8, 2016 in Ransomware

Crypt.Locker Ransomware

The Crypt.Locker Ransomware is an encryption Trojan that behaves similarly to the Jigsaw Ransomware . The distributors of the Crypt.Locker Ransomware utilize spam emails to deliver threat droppers to users. In most cases, the users are welcomed to open a payment notification from an online store and a bank to confirm a purchase made recently. The designers of the spam messages are known to use copyrighted images and logos to convince users to open a macro-enabled document. Threats like the Crypt.Locker Ransomware and Satan666 Ransomware are known to land on computers after a macro was executed, which introduced the crypto threat into the system. Security researchers note that the Crypt.Locker Ransomware uses a reliable AES-256 cipher to lock data and may come with a fake digital certificate. The encryption engine of the...

Posted on December 8, 2016 in Ransomware

Popcorn Time Ransomware

The ‘Popcorn Time’ Ransomware was reported by security researchers that stumbled upon samples submitted on the Google’s VirusTotal. Snippets of code were shared on forums hosted on the TOR-Network and investigators determined that the ‘Popcorn Time’ Trojan is still under development at the time of writing this. The ‘Popcorn Time’ Ransomware does not appear to introduce new features regarding file encryption and works similarly to well-known threats such as the Crysis Ransomware and TeslaCrypt . Security experts note that the ‘Popcorn Time’ Ransomware can be packed easily as a file with a double extension and released with a wave of spam emails sooner rather than later. Samples of the ‘Popcorn Time’ Ransomware show that its authors may have drawn inspiration from...

Posted on December 8, 2016 in Ransomware

DiscoverLiveRadio Toolbar

The DiscoverLiveRadio Toolbar is advertised by adware and legitimate ads as a valuable addition to browsers such as Google Chrome, Internet Explorer, Opera and Mozilla Firefox. The DiscoverLiveRadio Toolbar is a product of Mindspark Interactive Network, Inc., which released the MyRadioAccess Toolbar , the Easy Radio Access Toolbar and the Your Radio Now . The DiscoverLiveRadio Toolbar is offered at Free.discoverliveradio.com for free download and usage as long as you tolerated advertisements from affiliate marketers. The DiscoverLiveRadio Toolbar may change your new tab page settings and load a customized version of Hp.myway.com, which may include ads from sponsors. Additionally, users of Internet Explorer and Mozilla Firefox may be urged by Mindspark to set Hp.myway.com/discoverliveradio/ttab02/index.html as their home page....

Posted on December 7, 2016 in Possibly Unwanted Program

Driver Updater Plus

The Driver Updater Plus is developed by Jawego Partners LLC and offered for download at Driverupdaterplus.com. The Driver Updater Plus software is promoted to solve driver problems with printers, keyboards, Webcams and other peripheral devices. According to Driverupdaterplus.com, the Driver Updater Plus supports all versions of Windows as far back as Windows XP. Computer users that cannot find the right driver for their hardware could download a trial version of the Driver Updater Plus and diagnose problems on their PCs. Additionally, the Driver Updater Plus is said to give an overview of outdated drivers and backup existing drivers. However, you might want to know that Jawego Partners LLC is known to release riskware, which we have covered in our articles on Super PC Cleanup , PC Protector Plus and PC Clean Plus . Researchers...

Posted on December 7, 2016 in Possibly Unwanted Program

Vo_ Ransomware

The Vo_ Ransomware was discovered in December 2016, five months after the SQ_ Ransomware emerged on security reports. Both threats are encryption Trojans that are delivered to potential victims via spam emails. Additionally, the Vo_ Ransomware is a slightly improved version of the SQ_ Ransomware, and both Trojans come from the same developers according to security experts. The spam emails carrying the dropper for the Vo_ Ransomware appear to feature logos from banks and online stores and urge the user make a payment referred in the invoice attached. Needless to say, users are asked to open a macro-enabled document, which is designed to install the Vo_ Ransomware Trojan in the background. When the Vo_ Ransomware is installed, it determines what type of drives can be accessed and how many files should be encrypted. The Vo_ Ransomware...

Posted on December 7, 2016 in Ransomware

Phoenix Ransomware

When the Phoenix Ransomware was first mentioned amongst security researchers, the Trojan was still in development. Researchers found the threat while digging in reports submitted to the Google’s VirusTotal platform and going on the Dark Web. Samples recovered from reports provided threat investigators with the executable to analyze, and they reveal interesting facts. The Phoenix Ransomware appears to be in development at the time of writing this. However, the Phoenix Ransomware is compact in size and can be deployed with spam emails as a file with a double extension, which may pass as a simple invoice easily. The researcher Utku Sen published an educational crypto-threat on the Github platform, which was used by threat actors to develop threats like the KimcilWare Ransomware and the HappyLocker Ransomware . The same source...

Posted on December 7, 2016 in Ransomware

GoldenEye Ransomware

The GoldenEye Ransomware is an encryption Trojan that is pushed as an improved version of the Petya Ransomware, which surfaced in March 2016. The GoldenEye Ransomware was brought to the attention of security researchers in December 2016. Spam emails aimed at human resource departments were found to carry a corrupted spreadsheet that featured a macro. As you well know by now, the macro is widely abused by threat actors to deliver threats like the Al-Namrood Ransomware and the Osiris Ransomware . PC users that work with CVs on a daily basis appear to be among the primary targets of the GoldenEye Ransomware since they are likely to open a document from an unknown sender. The macro script used to deliver the GoldenEye Ransomware is designed to write base64 encoded strings into an executable file that is stored in the Temp directory....

Posted on December 7, 2016 in Ransomware

‘Add Extension’ Pop-Up

The ‘Add Extension’ pop-ups we are talking about are not those loaded in the Chrome Web store. The ‘Add Extension’ pop-ups we want to talk about are the ones that are generated by a JavaScript code hosted on untrusted pages. Researchers have received reports that users are presented with an ‘Add Extension’ pop-up that cannot be removed with standard procedures and appears to bypass pop-up blocking filters in Google Chrome, Mozilla Firefox and Internet Explorer. Some users may be able to block the ‘Add Extension’ pop-up by using a third-party service like AdBlocker Plus, uBlock Origin and Ghostery. The ‘Add Extension’ notifications are generated on untrusted pages equipped with a JavaScript that keeps a dialog box on your screen as long as you do not close your browser....

Posted on December 6, 2016 in Adware

Sage Ransomware

The Sage Ransomware is an encryption Trojan that is based on TeslaCrypt and appears to be its successor. The Sage Ransomware is part of a family of crypto malware that includes the ‘.aaa File Extension’ Ransomware , the ‘.xort File Extension’ Ransomware and several others. All variants of TeslaCrypt are dispersed via spam emails and corrupted links. The Sage Ransomware is not as sophisticated as the Cerber 4.0 but it gets the job done without the need for administrative privileges. As long as your files are not password protected and are not under a read/write policy, they can be modified by the Sage Ransomware Trojan. p>Security experts report that the Sage Ransomware may use outdated certificates to bypass some scanners and heuristic detection. The Sage Ransomware uses custom-made AES-256 and RSA-1024...

Posted on December 6, 2016 in Ransomware
1 2 3 4 5 6 7 8 9 10 11 1,108