‘.0ff File Extension’ Ransomware

The ‘.0ff File Extension’ Ransomware is an encryption ransomware Trojan that is used to extort computer users. The ‘.0ff File Extension’ Ransomware first appeared in November of 2016 and is a variant in a family of ransomware Trojans that has been around for a while. The ‘.0ff File Extension’ Ransomware is a variant of an older family of ransomware commonly known as BitMessage, which preceded larger, more recent families such as Locky and Crysis . The ‘.0ff File Extension’ Ransomware receives this name because it identifies the encrypted files with the extension ‘.0ff’ in a way similar to a large number of similar ransomware Trojans that have appeared in the same period. The ‘.0ff File Extension’ Ransomware is typically delivered in corrupted spam email...

Posted on November 23, 2016 in Ransomware

ChromoSearch.com

Web surfers reported redirects to Chromosearch.com, which looks like a search service but it is not. Chromosearch.com is a redirect-gateway to search results on Google.com. When visitors at Chromosearch.com enters keywords into the search field at the center of the browser surface, they will be provided with results from marketers that sponsor Chromosearch.com. Using the filters for images, videos, news, and shop at the top section of Chromosearch.com would send the user to the main page of Google.com. The redirects to Chromosearch.com are likely to be caused by a browser hijacker on your computer that may have changed your Internet settings across Google Chrome, Mozilla Firefox, Opera and Internet Explorer. Browser hijacking software may be packed as extensions, add-ons and plug-ins in most cases. There are free programs that may...

Posted on November 23, 2016 in Browser Hijackers

M0on Ransomware

The M0on Ransomware is a ransomware Trojan that is used to extort money from its victims. Like other ransomware Trojans that have been released in November of 2016, the M0on Ransomware encrypts its victim’s files and demands the payment of a ransom. PC security analysts strongly advise against paying the M0on Ransomware’s ransom, despite that it may not be possible to decrypt the files affected by the M0on Ransomware currently. The M0on Ransomware is a variant of a ransomware family that has been around for a while, commonly known as MyLittleRansomware or the Cute Ransomware. The M0on Ransomware is one of the many variants that are produced from this particular ransomware Trojan to evade detection and stay ahead of security software updates. The M0on Ransomware is virtually identical to the majority of new ransomware...

Posted on November 23, 2016 in Ransomware

Links-yahoo.com

The Links-yahoo.com domain is mentioned in reports for browser hijacking and is not deemed as trusted. The Links-yahoo.com portal offers a search powered by a personalized Google search that any user can make in two minutes for free. Web surfers will find that Links-yahoo.com offers four news feeds dedicated to entertainment, business, sport and social events. The core of the page at Links-yahoo.com may be dominated by advertisements presented as a wide banner, which is topped by the search bar. Links-yahoo.com may be used as a tool to gather search terms and show advertisements based on recently entered keywords. Search queries at Links-yahoo.com may redirect users to the following page: https[:]//cse.google.en/cse?cx=partner-pub-7934573645402812:8431768889&ie=UTF-8&sa=Search&q= However, Links-yahoo.com may not...

Posted on November 23, 2016 in Browser Hijackers

‘.x3m File Extension’ Ransomware

The ‘.x3m File Extension’ Ransomware is one of the many variants of the Globe Ransomware family that has been active in November of 2016. In Fall of this year, there has been an inordinately large amount of encryption ransomware variants, one of which is the ‘.x3m File Extension’ Ransomware. The ‘.x3m File Extension’ Ransomware is named after the file extension that is used to identify the files that have been encrypted by the ‘.x3m File Extension’ Ransomware. The ‘.x3m File Extension’ Ransomware encrypts the victim’s files to demand ransom in exchange for the decryption key. To identify files that have been encrypted in the attack, the ‘.x3m File Extension’ Ransomware uses the extension ‘.x3m.’ The ‘.x3m File Extension’ Ransomware...

Posted on November 22, 2016 in Ransomware

‘.aesir File Extension’ Ransomware

The ‘.aesir File Extension’ Ransomware is one of the many variants of the Locky Ransomware Trojan that is being used in attacks against computer users currently. The ‘.aesir File Extension’ Ransomware is being distributed in a spam email campaign that uses fake emails from the Internet Service Providers (ISP) claiming that the victim’s computer is being used to send out spam email messages. Computer users, tricked by the message, may open an attached ZIP file that results in the the ‘.aesir File Extension’ Ransomware. The ‘.aesir File Extension’ Ransomware is a Locky variant that changes the files affected by the attack so that their extension becomes ‘.aesir.’ This is a continuation of a Locky variant family that references the Norse Mythology (a previous variant of...

Posted on November 22, 2016 in Ransomware

CHIP Ransomware

The CHIP Ransomware is a ransomware Trojan that is being distributed using the RIG Exploit Kit , also known as the Empire Exploit Kit. It is a new addition to this exploit kit’s arsenal. The CHIP Ransomware itself is not particularly unique and is clearly derived from various other ransomware Trojans that have been active in the last year. Most ransomware similar to the CHIP Ransomware is being distributed using corrupted spam email campaigns, making the CHIP Ransomware attack particularly threatening. The CHIP Ransomware is injected into the victim’s computer by an exploit kit that takes advantage of vulnerabilities in the victim’s applications and operating system. Exploit kits can be used to distribute a wide variety of threats. The Empire or RIG Exploit Kit had already been active for some time. In this case,...

Posted on November 22, 2016 in Ransomware

Myluckysites.com

Myluckysites.com is presented to Web surfers as a convenient start page that you are welcomed to load when you begin an online session. Myluckysites.com may be loaded in all Internet browsers and comes with new page backgrounds every day. Also, users may be offered quick links to Facebook, Booking.com, Amazon, eBay, Instagram and Twitter. The Myluckysites.com portal provides a clock that is based on your time zone and a search bar at the top section of the page. Visitors can set filters for images, videos, news, and the Web, which are applied when you enter keywords into the search bar at Myluckysites.com. Users may be redirected to Google.com when they use the search functionality embedded into Myluckysites.com. You may be interested in using Myluckysites.com as your homepage, and you should know that the portal is associated with...

Posted on November 22, 2016 in Browser Hijackers

VindowsLocker Ransomware

The VindowsLocker Ransomware is an encryption ransomware Trojan that is used to carry attacks on computer users. The VindowsLocker Ransomware tactic consists in extorting victims by encrypting their files. The VindowsLocker Ransomware demands the payment of a ransom to return access to the affected files. The VindowsLocker Ransomware is one of the many variants of the Hidden Tear family of ransomware Trojans. The VindowsLocker Ransomware receives its name because it identified the files that have been encrypted through the use of the extension ‘.vindows.’ The VindowsLocker Ransomware is based on Hidden Tear, an open source ransomware engine that was released to the public as an ‘educational ransomware engine.’ Unfortunately, con artists took advantage of this freely available ransomware engine quickly to...

Posted on November 22, 2016 in Ransomware

Advancecomputerzone.online

The Advancecomputerzone.online domain is untrusted and connected to a phishing campaign that aims to promote fake technical support services on the +44-800-090-3843 toll-free phone line. The page on Advancecomputerzone.online resembles the legitimate technical assistance page on Support.microsoft.com operated by Microsoft. However, the +44-800-090-3843 phone number on Advancecomputerzone.online is not associated with the staff at the Microsoft Corp. Fake technical support companies may use altered screenshots of Support.microsoft.com, embed trademarked images into their phishing campaigns, and pretend to offer help to users. Researchers alert that the services at Advancecomputerzone.online are not to be trusted. Web filters like Sucuri, Websense Threatseeker, and Google Safebrowsing block access to phishing content at...

Posted on November 21, 2016 in Adware

‘.exploit File Extension’ Ransomware

The ‘.exploit File Extension’ Ransomware is a ransomware Trojan that is used to force computer users to pay ransoms after taking their files hostage. Threats like the ‘.exploit File Extension’ Ransomware are used to extort computer users, preventing them from accessing their data until they pay a large ransom. There is a wide variety of new variants of the ‘.exploit File Extension’ Ransomware being distributed online since early Fall of 2016. The ‘.exploit File Extension’ Ransomware is just one of countless variants in this ransomware family. The most common way of distributing the ‘.exploit File Extension’ Ransomware is by attaching it to spam email messages. Victims of the ‘.exploit File Extension’ Ransomware attack may receive an email message that...

Posted on November 21, 2016 in Ransomware

‘Suppteam03@india.com’ Ransomware

The ‘Suppteam03@india.com’ Ransomware is a ransomware Trojan that is being used to extort money from computer users. The ‘Suppteam03@india.com’ Ransomware attack is simple to understand since it is a variant of CryptoLocker , a well-known encryption ransomware Trojan. The ‘Suppteam03@india.com’ Ransomware uses the AES-256 encryption to take over the victim’s data, encrypting it and making it inaccessible. The ‘Suppteam03@india.com’ Ransomware demands a ransom that is quite high in exchange for the decryption key needed to restore the affected files. The ‘Suppteam03@india.com’ Ransomware asks for 2.05 BitCoins (approximately $1300 USD at the current exchange rate). The ‘Suppteam03@india.com’ Ransomware drops its ransom note in the form of a text file named...

Posted on November 21, 2016 in Ransomware

‘.razy1337 File Extension’ Ransomware

The ‘.razy1337 File Extension’ Ransomware is an encryption ransomware Trojan that uses an RSA-2048 key and an AES-256 encryption algorithm to encrypt the victim’s files, essentially taking them hostage. After encrypting the victim’s data and making it inaccessible, the ‘.razy1337 File Extension’ Ransomware displays a ransom note that demands the payment of 0.5 BitCoin (approximately $355 USD at the current exchange rate) to receive the decryption key needed to restore the affected files. Unfortunately, the files that have been encrypted by the ‘.razy1337 File Extension’ Ransomware cannot be recovered without the decryption key. However, caving into the con artists’ ransom demands and paying the ransom is unlikely to get results. PC security analysts have observed numerous cases...

Posted on November 21, 2016 in Ransomware

‘.kukaracha File Extension’ Ransomware

The ‘.kukaracha File Extension’ Ransomware and numerous other variants in the same family of ransomware are currently being used in attacks against computer users. The ‘.kukaracha File Extension’ Ransomware identifies the files that have been corrupted in the attack with the extension ‘.kukaracha.’ The ‘.kukaracha File Extension’ Ransomware uses a typical encryption ransomware Trojan attack, encrypting the victim’s files and demanding the payment of a ransom from the victim. The ‘.kukaracha File Extension’ Ransomware may be distributed using corrupted spam email attachments. The corrupted files being used to distribute the ‘.kukaracha File Extension’ Ransomware have been identified in many cases as files disguised as spreadsheet documents through the use of...

Posted on November 21, 2016 in Ransomware

Search.dm-cmf.com

Search.dm-cmf.com is a redirect-portal owned by Adknowledge, Inc. that is used to host links associated with the Terra Arcade browser extension. Web surfers can find the Terra Arcade browser extension at Get.terraarcade.com, as well as listed in the Chrome Webstore. The description for Terra Arcade uploaded to the Chrome Webstore by Adknowledge, Inc. says: ‘Navigate to your favorite online games, with the help of Terra Arcade™. The Terra Arcade™ extension offers convenient web search and features from the Chrome New Tab page. Get fast, one-click access to popular online game content from your new tab page with Terra Arcade™.’ The Terra Arcade extension is programmed to make modifications to the user’s browser upon installation. Researchers note that when installing the Terra Arcade extension, the users will...

Posted on November 18, 2016 in Browser Hijackers
1 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 1,118