Video Abductor

The Video Abductor software from the team at videoabductor.com is offered to PC users for free for personal use and allows them to download video content from platforms like YouTube, VEVO, Facebook, Instagram, Twitter and Vimeo. Video Abductor may run on the latest versions of Windows OS and comes with a self-updater module so that you don’t have to visit videoabductor.com and re-install the desktop app all over again. However, Video Abductor is deemed a Potentially Unwanted Program (PUP) that you may want to reconsider installing because it is bundled with the Chocolatey (chocolatey.org) package manager and you may find unknown programs running on your system. Chocolatey is a legitimate package manager that allows software developers to push updates to their users, but you might not be notified of new components and...

Posted on March 17, 2017 in Possibly Unwanted Program

GoaSave

If you experience pop-up messages that say ‘Ad by GoaSave,’ ‘Powered by GoaSave,’ and ‘Sponsored by GoaSave,’ you may be infected with adware. The GoaSave adware is spread among users with the help of free software packages. Computer users that do not bother to explore the ‘Advanced’ and ‘Custom’ options of program installers may allow the installation of unwanted components and adware like GoaSave and Clip Clip Save. You may be told that GoaSave is a suitable shopping helper, but the fact is that GoaSave may show various types of advertisements on your screen and claim pay-per-click revenue. Threats like GoaSave may run in the background and lack a program interface that you may be able to access. The GoaSave adware is able to generate an overlay on top of the...

Posted on March 17, 2017 in Adware

Russian Hackers and Spies Charged for Yahoo’s 2014 Hacking that Exposed 500 Million Accounts

There is no doubt that the 2014 Yahoo hacking incident that was found to expose 500 million user accounts was a major disappointment and tragedy for the users affected by the massive data breach. Not only did Yahoo keep the hacking incident from the public for a couple of years, but the hackers responsible for the attack are set to face serious charges as the US Department of Justice is coming down hard on the four individuals. Just this week, following rumors of an indictment, the US Department of Justice announced that it has criminally charged Russian officials for the cyber attack on Yahoo that took place in 2014 and exposed 500 million user accounts. Two individuals, Dmitry Dokuchaev and Igor Sushchin, are being identified as officers of the Russian Federal Security Service (FSB), a successor of the KGB,...

Posted on March 16, 2017 in Computer Security

Karmen Ransomware

The Karmen Ransomware is a ransomware Trojan that is part of a RaaS (Ransomware as a Service) campaign. The Karmen Ransomware administrates its Command and Control servers, payment, and various other aspects of the attack. However, con artists may take charge of distributing the Karmen Ransomware through their networks by hiring the ransomware creators instead of creating the ransomware Trojans themselves. Typically, ransomware Trojans like the Karmen Ransomware are distributed through corrupted spam email attachments and various known tactics, such as bogus software distributed on Torrent networks or hacking into poorly protected computers directly. The Karmen Ransomware was first observed in March 2017 being used in attacks against computer users in English- and German-speaking regions. This, however, does not mean that computer...

Posted on March 16, 2017 in Ransomware

Revenge Ransomware

The Revenge Ransomware is a variant of CryptoMix and CryptFile2. The Revenge Ransomware is being distributed using the RIG Exploit Kit and installed on the victims’ computers automatically. In most cases, the Revenge Ransomware will be installed after the victim is redirected to a website that has been compromised with the RIG Exploit Kit. Victims are directed to those pages using corrupted Java scripts that attempt to leverage various vulnerabilities to install the Revenge Ransomware on the victims’ computers immediately. Once the Revenge Ransomware has entered the victim’s computer, it will create a unique ID for the victim’s computer. The Revenge Ransomware seems to be engineered to target databases, making it particularly destructive when it comes to enterprise networks and Web servers. To...

Posted on March 16, 2017 in Ransomware

Crypt0L0cker Ransomware

PC security researchers have noticed the return of the Crypt0L0cker Ransomware, now with a threat campaign that is targeting computer users located in Europe. In 2014, the Crypt0L0cker Ransomware was the most common ransomware Trojan in Europe and Australia (although known by a different name). In the middle of 2015, however, there was a decline in the Crypt0L0cker Ransomware attacks and distribution. Now, in February 2017, the Crypt0L0cker Ransomware is returning, attacking computer users located in Europe again. PC security analysts have received requests for help with the Crypt0L0cker Ransomware attack. In January and February 2017 the Crypt0L0cker Ransomware infections rose substantially, with hundreds of new attacks around the world in a very small span. The Crypt0L0cker Ransomware attacks being observed today are variants of...

Posted on March 16, 2017 in Ransomware

Turkish Ransomware

The Turkish Ransomware is a ransomware Trojan that has only been observed in a version in Turkish. PC security researchers first received reports of the Turkish Ransomware on March 15, 2017. The Turkish Ransomware is designed to attack computers using Windows and located in Europe. The Turkish Ransomware seems to be a one-off attack and does not seem to have variants or belong to a broader family of ransomware Trojans (although much of its code is recycled, as happens with most of these attacks). Although the Turkish Ransomware can be delivered in a wide variety of ways, it is likely that the Turkish Ransomware attacks are currently being distributed through the use of corrupted links and attachments contained in spam email messages. The Turkish Ransomware is a typical ransomware Trojan that carries out an attack similar to most...

Posted on March 16, 2017 in Ransomware

Malware Infections Surge on Tuesday in Areas Hit Hard by Winter Storm Stella

In addition to dumping more than three feet of snow in some areas of the Northeast, Winter Storm Stella may also be to blame for a spike in malware infections. Computer users who were snowed in went online and ended up with more infections than usual. That’s according to data released today by Enigma Software Group (ESG), makers of the SpyHunter anti-spyware program. ESG looked at malware detection data from SpyHunter focusing in the northeast area and compared them to data in the days leading up to the storm. They found infections spiked anywhere from 15 to more than 90 percent in some areas hit hard by the storm. “Any time we see a large number of people change their online habits, we see a change in infections,” said ESG spokesperson Ryan Gerding. “On Tuesday you had millions of people who stayed home...

Posted on March 15, 2017 in Computer Security

Project34 Ransomware

The Project34 Ransomware is a ransomware Trojan. Like other encryption ransomware infections, the Project34 Ransomware is designed to make the victims’ files inaccessible. To do this, the Project34 Ransomware encrypts them using a strong encryption algorithm. Then, the victim is asked to pay a large ransom to recover the affected files. PC security researchers first received reports of the Project34 Ransomware infections on March 13, 2017. The Project34 Ransomware is designed to attack computers using the Windows operating system. The Project34 Ransomware attacks seem to be centered in Asia, particularly in Central Asia and Russian-speaking countries. The countries where the Project34 Ransomware attacks have been reported include Russia, Kazakhstan, Ukraine, Iran, Uzbekistan, Kyrgyzstan and Azerbaijan. The Project34...

Posted on March 15, 2017 in Ransomware

Cryptolocker 1.0.0 Ransomware

The Cryptolocker 1.0.0 Ransomware is a ransomware Trojan that originated in Turkey, and was created by a programmer that is known as ‘Alp.’ The Cryptolocker 1.0.0 Ransomware is an upgrade of CryptoLocker, a well-known ransomware Trojan that was first observed in 2013. This ransomware Trojan was in development through the end of 2015, when its development was interrupted. Apparently, the Cryptolocker 1.0.0 Ransomware is part of an effort to return to the development of this well-known threat. The Cryptolocker 1.0.0 Ransomware uses the RSA-2048 encryption, a strong obfuscation procedure, a different packaging and interface, and an effective ransomware attack. The Cryptolocker 1.0.0 Ransomware is being distributed using social engineering techniques and corrupted email attachments. The Cryptolocker 1.0.0 Ransomware...

Posted on March 15, 2017 in Ransomware

PetrWrap Ransomware

The PetrWrap Ransomware is a ransomware Trojan that seems to be derived from Petya, a well-known ransomware Trojan. The PetrWrap Ransomware seems to be a heavily modified version of this threat, and it is not likely that the PetrWrap Ransomware was created by the same people as Petya. The PetrWrap Ransomware is being used in targeted attacks against small businesses and other organizations. The PetrWrap Ransomware is being used to attack corporate networks, high-profile targets for these attackers. Con artists are using the Windows PsExec utility to hack into the victims’ servers and computers and then install the PetrWrap Ransomware. It is unlikely that the PetrWrap Ransomware is an official version of Petya. Instead, it is likely that a third party has taken the code of Petya and then adapted it to carry out their own attack....

Posted on March 15, 2017 in Ransomware

Faststartpage.com

The Faststartpage.com site is presented to Web surfers as a welcoming search service that can help them discover whatever they are looking for. Faststartpage.com features a text box, a ‘search’ button and a logo that is reminiscent of the Google logo with its usage of the same color composition and similar font. Moreover, the search provided at Faststartpage.com is not patented under an independent brand. Web surfers that load Faststartpage.com are given access to a customized Google search under the logo of Faststartpage.com. You should not expect the functionality present at Google.com because the custom search provided via Faststartpage.com is very limited. You are redirected to a customized version of cse.google.com where you are presented with two options to sort results: ‘Sort by Relevance’ and ‘Sort...

Posted on March 15, 2017 in Browser Hijackers

Dangerous Ransomware

The Dangerous Ransomware is a ransomware Trojan that encrypts the victims’ files as part of its attack. The Dangerous Ransomware uses an approach similar to that of countless encryption ransomware Trojans, which involves encrypting the victim’s files to take them hostage so that it can demand the payment of a ransom in exchange for the decryption key. These threats have increased in number and popularity since 2015 and pose a significant threat to the computer users’ data. The Dangerous Ransomware was first observed in Russia on March 9, 2017. The Dangerous Ransomware is being distributed through the use of corrupted spam email attachments, which abuse macros to execute compromised code on victims’ computers. This is a distribution tactic that is quite common, and that has been linked to various encryption ransomware...

Posted on March 14, 2017 in Ransomware

RozaLocker Ransomware

The RozaLocker Ransomware is a Trojan that primarily targets computer users in Asia. The RozaLocker Ransomware is designed to target computers using Windows, and its first victims were located in Russia. These initial infections seem to have been contracted after computer users installed a free ‘game’ credited to Alexander Render (Саши Рендера). This corrupted game, delivered in an executable file named ‘Setup.exe,’ contains no information about the game itself. The RozaLocker Ransomware is carried out by ‘trainer.exe’ that is installed by the setup file. In many cases, a UAC (User Account Control) alert will pop up, which can help some computer users prevent the installation of the RozaLocker Ransomware on their computers. This is typical of less sophisticated threats that cannot bypass UAC. The...

Posted on March 14, 2017 in Ransomware

Movie Goat Default Search

The Movie Goat Default Search extension that you may find at moviegoat.com is promoted as a tool that gives you direct access to the latest news from Hollywood, Bollywood, and cinemas around the world. You may be surprised to hear that the moviegoat.com site is promoted as an alternative to popular platforms like YouTube, Vimeo and Dailymotion. However, the site was registered on December 4th, 2016 and does not appear to be supported nearly as much as its competitors. Moreover, the Movie Goat Default Search is deemed a Potentially Unwanted Program (PUP) that may change your default search provider to Feed.moviegoat.com and load Search.moviegoat.com as your new tab page and start page. Users may install the Movie Goat Default Search extension primarily through freeware bundles since the main site moviegoat.com does not appear to...

Posted on March 14, 2017 in Possibly Unwanted Program