Iwebs.site

Iwebs.site is presented to Web surfers as an intelligent and useful start page for Google Chrome, Opera, Mozilla Firefox and Internet Explorer. Iwebs.site appears to be aimed at users who travel a lot and offers quick suggestions generated by Booking.com based on your current location and recently entered search terms on Iwebs.site. Iwebs.site does not provide search functionality on its own and serves as a redirect-gateway to Google.com, as well as providing links to portals like Imdb.com, Hulu.com, Pandora.com, Nytimes.com, Twitch.tv and Espn.com. The .site domains are promoted by domain registrars like name.com, GoDaddy.com, and Safenames.net as general-purpose domains which customers can use without any restrictions on meaning and content. In this case, Iwebs.site is used to claim pay-per-visit revenue from advertisers that...

Posted on November 18, 2016 in Browser Hijackers

Muzeen.com

Muzeen.com is a portal that offers search service to its visitors. The Muzeen.com portal was mentioned in reports from users that said their browser loaded Muzeen.com as their homepage and new tab page by default, automatically. Security researchers note that Muzeen.com is supported by advertisements and users may have installed an add-on to their browser that is published by partners of Muzeen.com. Often, program developers partner with search portals to deliver customized services and convince users to purchase a full version of their program. Scanners may detect the add-on related to Muzeen.com as a Potentially Unwanted Program (PUP) and a browser hijacker. The browser hijacking program associated with Muzeen.com may make modifications to your settings in Google Chrome, Internet Explorer, Opera and Mozilla Firefox. The add-on...

Posted on November 18, 2016 in Browser Hijackers

ShellLocker Ransomware

The ShellLocker Ransomware is a ransomware Trojan that has been associated with various attacks around the world. The ShellLocker Ransomware uses the .NET framework to carry out its attacks and is a clear copy of a known ransomware Trojan named ‘Exotic.’ Like most ransomware Trojans, the ShellLocker Ransomware will encrypt the victim’s files to demand a ransom. The ShellLocker Ransomware will rename the files that have been encrypted with a string of random characters and the extension ‘.L0cked.’ The ShellLocker Ransomware displays its ransom note in a pop-up window that appears on the victim’s computer. The ShellLocker Ransomware demands the payment of $100 in BitCoins to provide the means to decrypt the affected files. According to the ShellLocker Ransomware ransom note, if the payment...

Posted on November 18, 2016 in Ransomware

Floki

Floki is a harmful bot that seems to be a variant of the infamous ZeuS banking Trojan. Floki is being distributed on the Dark Web to carry out attacks. Floki was first observed in September of 2016 and is a relatively new type of attack being distributed on the Dark Web. At first glance, the Floki threat does not seem particularly unique or unsafe. However, it does seem that there is a real danger associated with Floki. Floki has appeared on underground forums and marketplaces in a variety of situations. Floki is being advertised heavily, which means that it is a fair bet to say that Floki will appear in the wild in increasing numbers through the end of 2016 and beginning of 2017. Considering the amount of information and resources available about Floki in the Dark Web and around the Internet, it is highly likely that Floki is...

Posted on November 17, 2016 in Trojans

‘.duhust Extension’ Ransomware

The ‘.duhust Extension’ Ransomware is a ransomware Trojan that is being used to target computer users around the world. PC security researchers suspect that the ‘.duhust Extension’ Ransomware is a variant of Globe, a known ransomware Trojan that has been active since Summer of 2016 in the wild. Variants of the ‘.duhust Extension’ Ransomware have been responsible for countless threat attacks around the world. Like its many predecessors, the ‘.duhust Extension’ Ransomware uses an attack that involves taking the victim’s files hostage and then demanding the payment of a ransom. The ‘.duhust Extension’ Ransomware and each other new variant of the original threat adds new layers of obfuscation, as well as changes the way the attack is delivered. The ‘.duhust...

Posted on November 17, 2016 in Ransomware

Dharma Ransomware

The Dharma Ransomware is an encryption ransomware Trojan that is being used to extort computer users. There have been numerous computers around the world that have been infected by the Dharma Ransomware. The Dharma Ransomware seems to target only the directories inside the Users directory on Windows, with encrypted files receiving the suffix [bitcoin143@india.com].dharma added to the end of each file name. Variants of the Dharma Ransomware will sometimes not have a ransom note. The Dharma Ransomware does not stop the affected computer from working properly, but every time a file is added to the targeted directories, it will be encrypted unless the Dharma Ransomware infection is removed. Some computer users have reported that the file being used to deliver the Dharma Ransomware also may be named ‘skanda.exe,’ although...

Posted on November 17, 2016 in Ransomware

ScanPOS

As the biggest shopping season of 2016 approaches, Black Friday and the weeks leading up to Christmas, PC security analysts have observed the appearance of a new POS (Point of Sale) threat that has been dubbed ScanPOS. ScanPOS has been associated with the Kronos banking Trojan. It seems that these campaigns appear every year right around the same time. Kronos is being distributed using spam email campaigns and compromised email attachments. Through these email campaigns, ScanPOS is being delivered as a secondary payload during the attack. The email campaigns being used to distribute ScanPOS were first observed on November 10 and November 14 of 2016, with tens of thousands of corrupted email messages targeting different economic sectors. These email campaigns did have effects around the world but were mostly targeted towards...

Posted on November 17, 2016 in Trojans

BonziBuddy Ransomware

The BonziBuddy Ransomware was discovered by malware researchers in the second week of November 2016. The BonziBuddy Ransomware was reported by victims of the Trojan who said that their data was encrypted and a program window titled ‘Bonzibuddy Says’ appeared on their desktops. Initial threat analysis did not uncover features that we have not seen already in threats such as the Gingerbread Ransomware and the HappyLocker Ransomware. Also, the name ‘BonziBuddy’ is likely to be taken from the BonziBuddy desktop assistant that was released in 1999 and was supported until 2004. Researchers suspect that the BonziBuddy Ransomware may be a test variant for an encryption Trojan that is being developed at the time of discovery. The code underneath BonziBuddy Ransomware did not include encryption functionality, but...

Posted on November 16, 2016 in Ransomware

Ransoc Screenlocker

The Ransoc Screenlocker is a Trojan that is adapted to browsers and desktops. Security researchers have come across versions of the Ransoc Screenlocker Trojan that are aimed at locking the desktop and Internet browser of the compromised user. The Ransoc Screenlocker Trojan resembles the functionality we have seen with the Sharecash Screenlocker and the zScreenlocker Ransomware. The Ransoc Screenlocker is designed to limit the user’s control of a particular application and the desktop as a whole, displays a ‘Penalty Notice’ and demands that the user pay $100 via direct credit card transaction. The Ransoc Screenlocker is dispersed among Windows OS users via malvertising campaigns and tools like the Nuclear Exploit Kit. Some researchers believe the Ransoc Screenlocker Trojan is the next generation of ransomware due to...

Posted on November 16, 2016 in Ransomware

“Demo” Ransomware

Security researchers began talking about the “Demo” Ransomware when they discovered an encryption Trojan programmed to encode photos only. The “Demo” Ransomware detection name denotes an encryption Trojan that is most likely under development at the time of writing this. Analysts report that the “Demo” Ransomware was seen on the Dark Web and spam emails that were loaded with a macro-enabled DOCX file, which serves as your run-of-the-mill Trojan-Dropper. The “Demo” Ransomware is installed to a temporary folder on the primary system drive and a scan is initiated. The “Demo” Ransomware scans the computer for data containers in JPG format and adds them to a list that is used for the encryption procedure. We should note that variants of the “Demo” Ransomware are...

Posted on November 16, 2016 in Ransomware

Angela Merkel Ransomware

The current world political scene is clearly in turmoil. It is, therefore, no surprise that ransomware and other threats themed around different political figures are being released. Like the Donald Trump Ransomware and other, similar attacks, the Angela Merkel Ransomware is themed around the German prime minister. Apart from this theme, though, there is nothing to distinguish the Angela Merkel Ransomware from the countless other ransomware Trojans that are active in the wild currently. Like most ransomware Trojans, the Angela Merkel Ransomware is being distributed through the use of corrupted spam email attachments. These corrupted spam email attachments will often take advantage of corrupted scripts and vulnerabilities in macros to download and install the Angela Merkel Ransomware onto the victim’s computer. The Angela Merkel...

Posted on November 15, 2016 in Ransomware

Hackerman Ransomware

The Hackerman Ransomware is an encryption Trojan that supports a Spanish version and belongs to the Hidden tear family of ransomware. The Hackerman Ransomware is deployed to users by spam email with attached corrupted documents and malvertising campaigns. Internet users may be delivered messages that resemble payment notifications from online stores like Amazon and photos from social media like Instagram, which feature an attached PDF, DOCX and RAR file. These objects could be embedded with a corrupted JavaScript and macro that is designed to be run by Windows and result in the installation of the Hackerman Ransomware. Security researchers report that the Hackerman Ransomware is using open-source encryption resources that are modified to prevent detection by anti-malware shields. The Hackerman Ransomware features several layers of...

Posted on November 15, 2016 in Ransomware

Karma Ransomware

The Karma Ransomware is a Trojan equipped with an encryption engine that it uses to lock your data and demand money to release the correct key and decryption software. The Karma Ransomware Trojan is pushed to users via software bundling and corrupted advertisements. We have received reports that the Karma Ransomware may be delivered to users as a program named Windows-Tuneup, which users are led to believe is a system optimizer. Researchers reveal that the campaign to release the Karma Ransomware is related to the Windows-tuneup.com site and users are advised to be extra careful when downloading software from unfamiliar pages. In-depth code analysis of the Karma Ransomware showed that the Trojan is developed by a programmer under the alias of SAFFRON-WOLF. There are not many cases where the authors of Ransomware leave their...

Posted on November 15, 2016 in Ransomware

YafunnLocker Ransomware

The YafunnLocker Ransomware is a ransomware Trojan that was first observed in November of 2016 by PC security analysts. Security analysts recommend that computer users take steps to protect their computers from the YafunnLocker Ransomware and the many other ransomware Trojans that are active in the wild currently. The YafunnLocker Ransomware carries out its attack by using an advanced encryption algorithm to lock the victim’s data. The YafunnLocker Ransomware may be distributed through the use of corrupted advertisements and links that lead computer users to websites containing an exploit kit. The RIG Exploit Kit, in particular, has been associated with recent YafunnLocker Ransomware attacks. The YafunnLocker Ransomware is based on the TeslaCrypt encryption ransomware Trojan, which was no longer developed after Spring of...

Posted on November 15, 2016 in Ransomware

Gingerbread Ransomware

The Gingerbread Ransomware, a ransomware Trojan uncovered in November of 2016, caught the attention of PC security analysts due to the uniqueness and bizarre nature of its ransom note background and image. The Gingerbread Ransomware uses a fairly typical attack, which is different from many ransomware Trojans in that it combines the RSA and XOR encryption to take over the victim’s files. Unfortunately, it may not be possible to recover the files that have been encrypted using the Gingerbread Ransomware currently. The Gingerbread Ransomware may be a variant of the ISHTAR Ransomware, which is part of a wave of ransomware attacks that are targeted toward computer users in Russian speaking countries. The Gingerbread Ransomware is being distributed through corrupted spam email messages. The Gingerbread Ransomware has numerous...

Posted on November 14, 2016 in Ransomware