Alice

Alice is a threat that con artists can use to gain cash illicitly from Automatic Teller Machines (ATMs). Alice was first detected in November 2016. Alice is used to target ATMs, allowing con artists who have physical access to the ATM’s ports to force the machine to give money to the con artist. Alice receives its name because its creator referred to the Alice code as ‘Project Alice.’ It is possible that versions of Alice have been active since at least 2014. The people using Alice need access to the ATM ports, either through the USB or CD-ROM ports. If they have access, they can load Alice into the ATM and then connect a keyboard to interact with the ATM. In most cases, ATMs are based on Windows XP, which allows con artists to launch Alice with a keyboard. To do this, the con artists need a PIN access code...

Posted on December 28, 2016 in Trojans

CryptoLocker3 Ransomware

The Cryptolocker3 Ransomware, known as Pclock, pretends to be a CryptoLocker variant by encrypting the data on the victim’s PC using an XOR encryption method. The Cryptolocker3 Ransomware also receives the name Pclock because of a project name that threat analysts found in the Cryptolocker3 Ransomware’s executable code. Once the Cryptolocker3 Ransomware is installed, it scans the victim’s files in search of certain file extensions. The Cryptolocker3 Ransomware encrypts the files it finds using its encryption engine. After encrypting the victim’s files, the Cryptolocker3 Ransomware displays its ransom note, which includes a 72-hour timer. The Cryptolocker3 Ransomware demands the payment of 1 BitCoin (approximately $840 USD at the current exchange rate) in exchange for the decryption key. Fortunately, there is a...

Posted on December 28, 2016 in Ransomware

Ageofcomp.info/search/start.html

Browser hijackers are small applications that are usually installed as browser extensions, and they are designed to execute just one simple task: to modify a Web browser’s settings so that it redirects users to a particular website whenever they load their homepage or new tab page. Software of this type may often be used to greatly boost the traffic of less popular websites or search engines so that they’ll seem more legitimate due to the high amount of exposure they receive. This is exactly the case with http://ageofcomp.info/search/start.html, a dubious search engine that you may unknowingly agree to set as your default new tab page and homepage, even though you’ve never heard of it before. The http://ageofcomp.info/search/start.html browser hijacker, just like many other similar low-level threats, may rely on software...

Posted on December 27, 2016 in Browser Hijackers

Exclusiverewards.[RANDOM DOMAIN NAME]

Exclusiverewards.[RANDOM DOMAIN NAME] is a questionable website brought to your computer by adware that was bundled with a useful program you downloaded from the Internet, and is used to display annoying and unwanted advertisements on the computers it affects. Exclusiverewards.[RANDOM DOMAIN NAME] is linked to browser hijackers and adware, whose main objective is to offer the installation of dubious content that includes optimization utilities, web browser toolbars, and similar applications to generate pay-per-click revenue for its creators. Computers housing Exclusiverewards.[RANDOM DOMAIN NAME] may also be redirected to unsafe websites that may display random commercial pop-up ads and banners, or ads and banners matching the PC user’s browsing routine, since its related adware may collect the user’s browsing data. Browser...

Posted on December 27, 2016 in Adware

W.sende.expresswin.top

What is causing the appearance of a website with a weird name on your computer is adware that may have entered your machine stealthily, bundled with a third-party application. The website called W.sende.expresswin.top might become very annoying because you will be redirected to it automatically, and its presence may cause some unwanted problems that otherwise would never have appeared on your machine. For example, other unwanted applications may be installed on your computer automatically; the Web pages you are visiting will be covered with advertisements or their texts will be turned into hyperlinks randomly; fake applications and updates will be offered in inconvenient pop-ups. W.sende.expresswin.top and its unwanted advertisements and offers are a clear reason why computer users should research carefully any new application they are...

Posted on December 27, 2016 in Adware

Koolova Ransomware

The Koolova Ransomware is a ransomware Trojan that was designed to harass computer users, under the pretext of educating them about ransomware Trojans. The Koolova Ransomware encrypts the victim’s data and then drops a ransom note. However, instead of demanding a ransom from the victim, it asks that the victim read two articles about ransomware to recover the affected data. The Koolova Ransomware is apparently incomplete and does not ask for ransom. However, the Koolova Ransomware does threaten the victim, claiming that it will delete the victim’s files if the victim does not read the two articles suggested in its ransom note. Despite its intentions, the Koolova Ransomware is still a threat that infects the victims’ computers and carries out an attack. The Koolova Ransomware uses a typical encryption method,...

Posted on December 27, 2016 in Ransomware

BadEncript Ransomware

The BadEncript Ransomware is an encryption ransomware Trojan that is used to force computer users to pay large amounts of money. The BadEncript Ransomware encrypts its victims’ files to demand ransom in exchange for the decryption key. The poor implementation of the encryption routine has resulted in a threat that is probably still in development, and there is no way of decrypting the affected files. Because of this, computer users should never agree to pay the BadEncript Ransomware ransom. There are flaws in the BadEncript Ransomware’s code that make it clear that this Trojan is still in development and remains unfinished. The BadEncript Ransomware’s ransom note is also incomplete, meaning that victims cannot pay the ransom fee associated with the BadEncript Ransomware. The BadEncript Ransomware is just one of...

Posted on December 27, 2016 in Ransomware

Excellentsearch.org

Excellentsearch.org is a generic Internet search site and one that has been deemed to be a browser hijacker. Excellentsearch.org may be a site that is automatically loaded as your default home page when using popular web browsers like Google Chrome, Internet Explorer or Firefox. The reasons for Excellentsearch.org automatically loading may be due to installing random freeware that has loaded various components or add-on extensions related to Excellentsearch.org in your web browser. The Excellentsearch.org site itself is not immediately harmful to a PC. However, use of various advertisements or sponsored links found on Excellentsearch.org and its search results may cause the loading of other questionable sites that may have unwanted content. It is important to take the necessary actions and precautions to rid a system of all...

Posted on December 27, 2016 in Browser Hijackers

‘Microsoft Office Activation Wizard’ Tech Support Scam

The ‘Microsoft Office Activation Wizard’ Tech Support Scam is a deceptive notification that comes from the infection of a Windows PC by a Trojan horse. It has been revealed that the ‘Microsoft Office Activation Wizard’ Tech Support Scam stems from the Trojan.Tech-Support-Scam family of malware that is known for displaying several fake Microsoft notifications. While the ‘Microsoft Office Activation Wizard’ Tech Support Scam is in no way related to the legitimate Microsoft company, it leverages the Microsoft name in order to trick victimized computer users into using a provided toll-free number, which is known to connect to others who demand payment for an alleged computer fix service. The text for the ‘Microsoft Office Activation Wizard’ Tech Support Scam reads as follows: Microsoft...

Posted on December 27, 2016 in Adware

DeriaLock Ransomware

The DeriaLock Ransomware is a ransomware Trojan that was first detected on Christmas Eve 2016. The DeriaLock Ransomware locks the victim’s screen and demands the payment of $30 USD. The DeriaLock Ransomware is not designed to encrypt the victims’ files and instead locks the victim’s screen, preventing access to the victim’s computer but leaving the victim’s files intact. There is currently no specific information about how the DeriaLock Ransomware spreads, although spam email attachments are the most common method for spreading these threats. Once the DeriaLock Ransomware is installed, it generates a unique identifier for the infected machine. The DeriaLock Ransomware will then contact its Command and Control server and download its most recent version, saving it at the following...

Posted on December 27, 2016 in Ransomware

AdamLocker Ransomware

Adam has been busy in December 2016. The AdamLocker Ransomware is a new variant in a family of ransomware, all released by a threat developer claiming to be ‘13 years old’ and presumably named ‘Adam.’ It is not entirely unlikely that this is true since the AdamLocker Ransomware and its variants are unsophisticated attacks that are stopped easily. The AdamLocker Ransomware will change the extension on compromised files to ‘.adam,’ although the AdamLocker Ransomware is probably unable to encrypt files, unless updated variants are released. The AdamLocker Ransomware is most likely distributed through spam email attachments and may also be found on risky websites or file sharing networks. The AdamLocker Ransomware is also known as RW.adm_64, and its developer has also been known...

Posted on December 26, 2016 in Ransomware

Manifestus Ransomware

The Manifestus Ransomware is a ransomware Trojan that has been associated with several variants in December 2016. The Manifestus Ransomware uses a lock screen that attempts to trick computer users into believing that their files have been encrypted by an encryption ransomware Trojan. The Manifestus Ransomware demands a payment of 0.3 BitCoin (approximately $240 USD) to ‘decrypt’ the victim’s files. However, the Manifestus Ransomware does not have the capacity to encrypt files or carry out these attacks. It is clear that the Manifestus Ransomware threat is poorly implemented and the work of amateurs. The Manifestus Ransomware may be delivered through corrupted spam email attachments or attack websites that use exploit kits to deliver threats to the victims’ computers. The Manifestus Ransomware changes how...

Posted on December 23, 2016 in Ransomware

Guster Ransomware

The Guster Ransomware is a ransomware Trojan that is used to force computer users to pay large amounts of money. The Guster Ransomware is an encryption ransomware Trojan, meaning that it will encrypt the victim’s files to block access to their content. The Guster Ransomware takes the victim’s files hostage until the victim pays a ransom. Although the Guster Ransomware is considered a threat, it is fortunate that there are currently decryption utilities available to help computer users recover from attacks by the Guster Ransomware’s family of ransomware. When the Guster Ransomware infects a computer, it prevents victims from accessing their files. The Guster Ransomware scans the victim’s hard drive in search of files with certain extensions. The Guster Ransomware will then use a strong encryption algorithm...

Posted on December 23, 2016 in Ransomware

Roga Ransomware

The Roga Ransomware is a low-level ransomware Trojan that is used to force computer users to pay money. To force computer users to do this, the Roga Ransomware will take the victim’s files hostage, blocking computer users from gaining access to their computers. The Roga Ransomware is not a sophisticated threat and is the clear successor of the Free-Freedom Ransomware, a ransomware threat released only a short time before. In its ransom note, the creator of this ransomware Trojan claims to be 13 years old, a possibility that is not unlikely given the level of sophistication of this threat. However, for inexperienced computer users, the Roga Ransomware can be more than an annoyance, preventing them from using their computers entirely. The supposed 13-year-old responsible for the Roga Ransomware was also responsible for the...

Posted on December 23, 2016 in Ransomware

Bangladesh Google Site Defaced by Pakistani Hackers

Cyber warfare can be closely compared to terrorism, as those who mean to cause harm to humanity are hell-bent on wreaking utter havoc on the front of the Internet. In the latest events to take place involving hackers, a group of Pakistani hackers has placed a Bangladesh domain belonging to Google in its crosshairs and has successfully executed an attack to hijack and deface the Google Bangladesh page. Hackers who claim to be part of a group called Team Pak Cyber Attackers have taken responsibility for the attack on a Google Bangladesh search engine domain. Before attacking the Google site, the hackers were known for carrying out attacks on other Google websites, including the Vietnamese homepage search engine. However, the recent attack on the Bangladesh Google site was an effort to alert the world of their actions by posting a...

Posted on December 22, 2016 in Computer Security