SerbRansom Ransomware

The SerbRansom Ransomware is a ransomware Trojan that seems to be connected to the proponents of extremist nationalist ideas. The SerbRansom Ransomware is just one of various ransomware variants developed to carry out ransomware attacks on unsuspecting victims. Currently, the SerbRansom Ransomware does not seem to be part of a large-scale distribution campaign. Apart from the fact that there is no mass distribution being carried out in association with the SerbRansom Ransomware, the SerbRansom Ransomware threat itself is lower in quality than many other ransomware Trojans currently active. It seems that the SerbRansom Ransomware has not been responsible for actual attacks so far, although this could change eventually. The SerbRansom Ransomware displays a message designed to scare computer users into believing that the SerbRansom...

Posted on February 14, 2017 in Ransomware

Pabluk Locker Ransomware

The Pabluk Locker Ransomware is a ransomware Trojan that is designed to attack computer users located in Poland. The Pabluk Locker Ransomware carries out a typical ransomware attack, taking the victim’s computer hostage and requesting the payment of a ransom to restore access to the victim’s files. If the Pabluk Locker Ransomware has taken your computer hostage, malware analysts strongly advise the use of a security app that is fully up-to-date. Ransomware Trojans like the Pabluk Locker Ransomware have become increasingly common since 2015, making it very important that computer users take adequate precautions to ensure that their machines are protected against this threat. The Pabluk Locker Ransomware is designed to attack computer users that speak Polish. It is likely that new variants of the Pabluk Locker Ransomware...

Posted on February 14, 2017 in Ransomware

CryptoKill Ransomware

The CryptoKill Ransomware is a ransomware Trojan based on HiddenTear, an open source ransomware project that was publicly released in 2016 for ‘educational purposes.’ Since this ransomware Trojan was first released, countless variants of it have been used to carry out attacks on computer users. The CryptoKill Ransomware and numerous other ransomware threats have used this publicly accessible code to create numerous variants of the same hoax. New variants of ransomware, many of them using HiddenTear as their basis, are released every day. The CryptoKill Ransomware is integrated with the TOR network to carry out payments and communications with its Command and Control server, making it an effective ransomware Trojan capable of carrying out harmful attacks on its victims. The most common way of distributing the CryptoKill...

Posted on February 13, 2017 in Ransomware

‘MSSecTeam’ Tech Support Scam

The ‘MSSecTeam’ tech support scam involves a lock screen meant to trick computer users into paying large amounts of money. The ‘MSSecTeam’ tech support scam uses a fake message from the ‘Microsoft’s Security Team’ to alert the victim that the affected computer’s files have been encrypted, and then demands the payment of a ransom. According to the ‘MSSecTeam’ tech support scam message, the victim’s files were encrypted because of ‘illegal activity.’ The ‘MSSecTeam’ tech support scam message claims that the ZhuangZi encryption was used to lock down the victim’s files. This is a non-existent encryption method, used to scare computer users into paying a ransom of 0.5 BitCoin, which is sent to the email address mssecteam@sigaint.org. Apart...

Posted on February 13, 2017 in Trojans

Xampp Locker Ransomware

The ‘Xampp Locker’ Ransomware is a ransomware Trojan that was first observed on February 13, 2017. The ‘Xampp Locker’ Ransomware is written using .NET and is based on HiddenTear, an open source ransomware Trojan that has been the basis for countless ransomware variants in the last year. The ‘Xampp Locker’ Ransomware is capable of carrying out effective ransomware attacks against both individual computer users and large-scale targets such as corporate networks and servers. The ‘Xampp Locker’ Ransomware can be distributed in a variety of ways, ranging from the exploitation of weak passwords to corrupted email attachments. Compromised documents distributed using emails are the most common way in which con artists may distribute the ‘Xampp Locker’ Ransomware and other ransomware...

Posted on February 13, 2017 in Ransomware

Search.suchwowgames.com

Search.suchwowgames.com is a portal that is maintained by Eightpoint Technologies Ltd. and used to host most of the features presented with the SuchWowGames desktop application as stated on Free.suchwowgames.com/home/terms?source=. The SuchWowGames desktop application may make alterations to the settings in Google Chrome, Internet Explorer and Mozilla Firefox. The SuchWowGames program may change your new tab page layout and default search provider on Google Chrome to Search.suchwowgames.com. Internet Explorer and Mozilla Firefox may be urged by Eightpoint Technologies Ltd. to set Search.suchwowgames.com as their start page as well, not just as the new tab design and search provider. When you enter keywords in the address bar and the Omnibar you should expect suggestions by Search.suchwowgames.com to be provided on a panel at the bottom. The...

Posted on February 13, 2017 in Browser Hijackers

Startsearch.info

Startsearch.info is a search service that is powered by a custom Google search engine. The engine powering Startsearch.info can be found at cse.google.bg/cse?cx=partner-pub-1798186880065655:9232981728 and features the name ‘POISK’ that is Russian for ‘Search.’ The Startsearch.info portal is not a trusted search service and may relay traffic via Counter.yadro.ru, which is linked to several representatives of the adware family of programs. PC security researchers note that users infected with adware like Everysale and Coupondo may be redirected to Startsearch.info and have their default search provider hijacked. Additionally, Web filters have detected that Startsearch.info was compromised on several occasions and included an iFrame that attempted to install unsigned and potentially threatening software on...

Posted on February 10, 2017 in Browser Hijackers

Youhomepage.org

The Youhomepage.org and the Newbornkittens.online domains that you may load from ads should not be trusted. Both domains may be used for misleading marketing campaigns that may lead users to spend hundreds of dollars on premium phone services, fake lotteries, and replicas of premium smartphones. Youhomepage.org and the Newbornkittens.online are reported by users who were asked to complete a short questionnaire and participate in a lottery that would result in five lucky gentlemen and ladies getting an iPhone. Users that loaded Youhomepage.org and the Newbornkittens.online were welcomed to ask questions about Google, Microsoft, Facebook and Instagram. They had to choose from three answers and, regardless of their correct or incorrect choice, they would be redirected to pages like monclerfroutlets.com and asked to provide their...

Posted on February 10, 2017 in Browser Hijackers

Fadesoft Ransomware

The Fadesoft Ransomware was first observed on February 9, 2017. The Fadesoft Ransomware seems to be related to the Erebus 2017 Ransomware, another known ransomware Trojan. These two, and the ever-merging other ransomware threats, share a tactic that allows them to bypass the User Account Control (UAC) on the targeted computer and communicate with Command and Control servers using TOR. To bypass the UAC, the Fadesoft Ransomware alters the infected computer’s Registry to associate certain file types with the Fadesoft Ransomware’s executable, which then prompts the infected computer to run the Fadesoft Ransomware without activating the UAC. The Fadesoft Ransomware receives its name because the word ‘Fadesoft’ appears several times in the Fadesoft Ransomware’s code. When the Fadesoft Ransomware is...

Posted on February 10, 2017 in Ransomware

FPSeek.com

The Fpseek.com search portal is presented to users who value Microsoft’s Bing and wish to explore an improved version of the search service. Web surfers may be interested to know that Fpseek.com is appraised quite a lot and is promoted as offering the best search results on the Open Web, as stated on info.fpseek.com/AboutUs: ‘fpseek is an enhanced online search experience used by our users worldwide. Fast, simple, and easy to use, fpseek offers the best search results from across the web. Thanks to our collaboration with leading software providers, you can choose to install fpseek during setup and benefit from better online searches on your browser.’ The Fpseek.com site is associated with a browser add-on available for Google Chrome, Mozilla Firefox and Internet Explorer. The add-on may alter your new tab,...

Posted on February 10, 2017 in Browser Hijackers

Social Media Phishing Attacks Rise 500% in 2016 According to Startling Report

Social media has changed the world and how we communicate as we know it. Surprisingly, it has yet to be seen or definitively proven if social media has made everyone’s life better. While there are several ugly sides of social networks and social media, there is one apparent issue that has risen to show its face. The ugly face of social media has arisen in the form of mounting phishing attacks taking place over multiple channels of the social Internet world. In fact, Proofpoint’s Quarterly Threat Summary from the last quarter of 2016 reveals that social media phishing attacks have climbed 500% throughout 2016. Phishing has long been a credible threat to unsuspecting computer users in that the act involves presenting a user with a bogus login page that mimics a legitimate login site...

Posted on February 9, 2017 in Computer Security

RunBooster

The RunBooster program by SkyNET Corporation has no official page and does not provide contact information or a valid digital certificate. All the regular user has access to is its name and program files that appear to communicate with remote servers. Additionally, users may be flooded with marketing materials that carry slogans like ‘Ads by RunBooster,’ ‘Ads powered by RunBooster’ and ‘Sponsored by RunBooster.’ Computer security researchers alert that RunBooster is adware that may be installed through free software bundles and fake update packages for Adobe Flash and Java. The RunBooster adware may use files with random names to avoid detection by AV scanners. There are hundreds of samples of the RunBooster adware that suggest the program is used to drive traffic to various shopping sites and...

Posted on February 9, 2017 in Adware

Ultimate Shopping Search

The Ultimate Shopping Search software is developed by the controversial company Saphire Max Media Co. Ltd. that released a browser with a built-in ad-blocker (Nomad Adblocker Browser) and a browser add-on (LottaDeals) that provides shopping recommendations for users in Germany. The Ultimate Shopping Search software is marketed as a shopping helper that is aimed at users based in the United States of America. Ultimate Shopping Search is a relatively compact extension for Mozilla Firefox and Google Chrome users that manifests as a toolbar icon, which provides a search box. The input in the search box provided by the Ultimate Shopping Search extension leads users to a custom version of Yahoo! at Us.search.yahoo.com that includes deals, coupons, and discounts suited to your area. The Ultimate Shopping Search by Saphire Max Media Co. Ltd. is...

Posted on February 9, 2017 in Browser Hijackers

DynA-Crypt Ransomware

The DynA-Crypt Ransomware refers to ransomware Trojans that are created using a ransomware creation kit that is known as the ‘Dynamite Malware Creation Kit.’ The DynA-Crypt Ransomware encrypts the victims’ files using the AES encryption and identifies the files that have been encrypted with the file extension ‘.crypt.’ After encrypting the victim’s files, the DynA-Crypt Ransomware displays a pop-up window that demands a ransom payment from the victim. During the attack, the DynA-Crypt Ransomware can disable numerous Windows features and software, such as the Windows Task Manager or the Windows Firewall, delete software from the victim’s computer, and collect passwords that could be stored in the victim’s Web browsers. This sets the DynA-Crypt Ransomware apart from other ransomware Trojans...

Posted on February 9, 2017 in Ransomware

Digisom Ransomware

The Digisom Ransomware is a ransomware Trojan that enters a computer silently, without alerting the victim of its presence until the attack has been carried out. Like other ransomware Trojans, the Digisom Ransomware encrypts the victim’s files and then demands the payment of a ransom in exchange for the decryption key required to restore the affected files. During its encryption attack, the Digisom Ransomware will rename the affected files by appending the string ‘[three random characters].x’ to the end of the file’s extension. After encrypting the victim’s files, the Digisom Ransomware will alter the infected computer’s Desktop image so that it becomes a black screen, and drops ten text files on the Desktop with names like ‘the Digisom Readme0.txt,’ ‘the Digisom Readme1.txt,’...

Posted on February 9, 2017 in Ransomware