FullTab New Tab

The FullTab New Tab extension is a product of Imali Media Ltd., which you may know for arbitrary software such as FunMediaTab and TvNewTab. FullTab New Tab by Imali Media Ltd. may be promoted to users via banners and pop-up windows powered by Alldownloads.motioned.xyz. The FullTab New Tab software may integrate into the browser and support Mozilla Firefox and Google Chrome. The version of FullTab New Tab for Firefox is displayed in the Add-ons Manager as FullTab Extension by Dan Lint while the version for Chrome is titled FullTab 0.4.2. FullTab New Tab is advertised as the perfect extension for users who like to spend most of their time online on social media services like Facebook and Twitter, as well as browse videos on platforms like YouTube and Vimeo. If you compare SocialNewPage and FullTab New Tab that are developed by...

Posted on January 5, 2017 in Possibly Unwanted Program

KoKo Locker Ransomware

The ‘KoKo Locker’ Ransomware is a Trojan that is used to encrypt the victims’ files. The ‘KoKo Locker’ Ransomware is an encryption ransomware Trojan. Essentially, the ‘KoKo Locker’ Ransomware encrypts the victims’ files to demand ransom in exchange for the decryption key. PC security researchers strongly advise computer users to avoid paying the ‘KoKo Locker’ Ransomware ransom and take preemptive measures to be protected against these attacks. The ‘KoKo Locker’ Ransomware may be delivered using corrupted email attachments. Once the ‘KoKo Locker’ Ransomware has carried out its attack, the ‘KoKo Locker’ Ransomware displays the following ransom note: ‘— KoKoKrypt — All of your personal data got encrypted by KokoKrypt!...

Posted on January 4, 2017 in Ransomware

Moosjs.cn

Moosjs.cn is a low-quality search engine that is associated with a Potentially Unwanted Program (PUP). Moosjs.cn looks like a real search engine, but it is designed to deliver advertisements and lead computer users to low-quality websites instead of responding to the computer user’s search queries. Computer users may find that their Web browser forces them to visit Moosjs.cn repeatedly and that their default websites may have been changed to Moosjs.cn automatically. PUPs associated with Moosjs.cn may affect most Web browsers on the Windows operating system, including Google Chrome, Internet Explorer, Microsoft Edge and Mozilla Firefox. One potentially worrying aspect of Moosjs.cn and its associated content is that content linked to Moosjs.cn may track the computer users’ online activities and send them to a third-party for...

Posted on January 4, 2017 in Browser Hijackers

Potential InterContinental Hotels Data Breach Puts Customer Credit Card Data at Risk

It’s a new year, and with a new year comes new cases of data breaches, such as the one that has allegedly taken place within InterContinental Hotels systems. Reports originating from KrebsOnSecurity claim that the InterContinental Hotels Group (IHG) is aware of a potential security breach in their system that may have spilled the credit card details of an unknown number of customers. Currently, an investigation has been launched to find out if a potential data breach that took place on IHG systems has compromised customer credit card data. Among the locations targeted, Holiday Inn and Holiday Express hotels, part of the IHG chain of hotels, are two of the possible locations that had Point-of-Sale (POS) malware installed on their systems, which is known to allow hackers to infiltrate a system and steal credit card...

Posted on January 4, 2017 in Computer Security

BTCamant Ransomware

The BTCamant Ransomware is an encryption Trojan that was discovered in the first week of January 2016. An executable that belongs to the BTCamant Ransomware was submitted to Google’s VirusTotal platform and allowed security researchers to look into the development of the BTCamant Ransomware. At the time of writing this, the BTCamant Ransomware is still in development and features a rudimentary control panel that is accessible through CMD only. The version submitted to VT works as a batch file that can be run with a command via CMD.exe on Windows. Some researchers suspect that the engine of the BTCamant Ransomware is developed as a compact batch script and was submitted to VT so that its author can check if it is detected by anti-virus software. The initial release used the icon file of the Google Chrome browser when it was...

Posted on January 4, 2017 in Ransomware

Red Alert Ransomware

The Red Alert Ransomware is a standard encryption Trojan that is named after the ‘RED ALERT’ warning it displays once it completes the encoding process. The Red Alert Ransomware functions similarly to the JuicyLemon Ransomware and changes the user’s desktop background as a way to notify the user of encrypted data on the PC. The standard medium used to install the Red Alert Ransomware is a corrupted document that you are led to believe is a payment confirmation and an order receipt from an online store like Amazon. Spam emails that feature logos from online stores and cyber security vendors are employed by the distributors of the Red Alert Ransomware to invite users to double-click a macro-enabled document. The Red Alert Ransomware is based on the HiddenTear project published by Utku Sen as ‘educational...

Posted on January 4, 2017 in Ransomware

Erebus Ransomware

The Erebus Ransomware joins the pantheon of encryption Trojans named after deities like Thor, Osiris and Mahasaraswati. The Erebus Ransomware is named after the Greek god Erebus (also Erebos) who was born out of Chaos and embodies the primordial darkness. Initial threat assessment of the Erebus Ransomware did not reveal connections to other crypto-threats. The Erebus Ransomware appears to be a new project, and we may see new variants of the Trojan. The Erebus Ransomware may be a new actor in the theater of ransomware, but its behavior is nothing more or less than standard compared to other well-known encryption Trojans. The only trait worthy of note is that the Erebus Ransomware is using a combination of the RSA-2048 and the AES-256 ciphers to handle the encryption process. The Erebus Ransomware is distributed the same way as most...

Posted on January 4, 2017 in Ransomware

Alphabet Ransomware

The Alphabet Ransomware is a Trojan that does not support encryption and uses a lock screen instead. The behavior of the Alphabet Ransomware resembles that of the Manifestus Ransomware and the Fantom Ransomware, which employ deceiving images and lock screen features to convince users to deliver payment to a wallet address. PC security analysts classify the Alphabet Ransomware Trojan as a Screen Locker. However, some analysts report that they have seen versions of the Alphabet Ransomware that encrypt data. Computer users should keep their guard up and avoid spam emails that recommend the download of a text document. In-depth threat analysis shows that the Alphabet Screen Locker is under development and we may see two separate versions. Contemporary ransomware is designed to be easy to modify, and we see many variants released daily....

Posted on January 4, 2017 in Ransomware

GOG Ransomware

The GOG Ransomware has nothing to do with the GOG.com store for DRM-free games and goodies. The GOG Ransomware is named after an image that says ‘THE GOG RANSOMWARE,’ which was found in the resource section of its primary executable. The GOG Ransomware was reported in the last days of December 2016 and appears to be yet another crypto-threat. Cyber security analysts note that the GOG Ransomware is not a unique threat and its functionality is rather straightforward. The GOG Ransomware is installed on computers via spam emails loaded with corrupted text documents. Samples recovered from phishing emails suggest the distribution campaign for the GOG Ransomware includes logos from banking institutions, social media, online stores and NGOs. Computer users that allow a macro from an untrusted source to run on their PCs may...

Posted on January 4, 2017 in Ransomware

‘Merry X-Mas!’ Ransomware

The ‘Merry X-Mas!’ Ransomware receives its name because of the title of its ransom note. Victims of the ‘Merry X-Mas!’ Ransomware have reported that their files become encrypted during the attack and a ransom note is displayed wishing them a Merry Christmas. The ‘Merry X-Mas!’ Ransomware is being distributed through spam email messages. The spam email campaign associated with the ‘Merry X-Mas!’ Ransomware seems to impersonate a claim from the Federal Trade Commission, accusing the victim of violating the law and instructing the victim to click on an embedded link. Computer users will note that the domain used to send the email is ftc.gov.uk, which does not exist. After all, a domain located in the United Kingdom would not make sense for an agency of the United States government! Clicking...

Posted on January 3, 2017 in Ransomware

Globe Imposter Ransomware

The ‘Globe Imposter’ Ransomware is a ransomware Trojan that was first observed in the last weeks of 2016. The ‘Globe Imposter’ Ransomware is a bogus version of Globe Ransomware, a well-known ransomware Trojan. Hiding a less efficient threat by disguising it as a more powerful or better-known threat is a common deception method used by con artists, and this method was used before in ransomware attacks. For example, there are countless ransomware variants that impersonate the well-known CryptoLocker ransomware Trojan, despite using a less powerful encryption or not using encryption at all. The ‘Globe Imposter’ Ransomware is typically spread using corrupted email attachments that use macros to download and install the ‘Globe Imposter’ Ransomware on the victim’s computer. Disabling...

Posted on January 3, 2017 in Ransomware

OpenToYou Ransomware

The OpenToYou Ransomware is an encryption ransomware Trojan that is used to force computer users to pay large sums. To carry out this attack, the OpenToYou Ransomware encrypts its victim’s files, making them inaccessible without the decryption key. Victims of the OpenToYou Ransomware attack are charged a ransom in exchange for the decryption key, which is stored on the Command and Control servers of the OpenToYou Ransomware Trojan. While it may be impossible to recover the files affected by encryption ransomware Trojans like the OpenToYou Ransomware, malware researchers have released a free decryption program for the OpenToYou Ransomware. This gives computer users affected by the OpenToYou Ransomware a way out without needing to pay the OpenToYou Ransomware ransom or to restore files from a backup copy. There are countless...

Posted on January 3, 2017 in Ransomware

Antivirus 10

Antivirus 10 is a fake anti-virus application that is used to scare inexperienced computer users. Although Antivirus 10 looks like an anti-virus program, it is a Trojan designed to trick computer users into paying for its services. These programs, known as rogue anti-malware applications, are a common tactic that has been around for more than a decade. Antivirus 10 does not have the capacity to detect or remove threats. All notifications and ‘scan results’ from Antivirus 10 should be ignored. Antivirus 10 itself should be removed with a real security program that is fully up-to-date. Antivirus 10 is designed to scare computer users. To do this, it will display bogus security notifications worded so as to make computer users believe that their computers have become infected with threats. Below are some examples of the...

Posted on January 3, 2017 in Rogue Anti-Virus Program

EdgeLocker Ransomware

The EdgeLocker Ransomware is an encryption ransomware Trojan. Threats like the EdgeLocker Ransomware enter a computer and take it hostage until the victim pays a large sum. To take the victim’s computer hostage, the EdgeLocker Ransomware encrypts the victim’s files using a strong encryption algorithm. The encrypted files become inaccessible without the decryption key, which the con artists hold in their possession. The EdgeLocker Ransomware represents a real threat to the computer users’ data, and preventive steps should be taken to limit the damage of a possible EdgeLocker Ransomware attack. The EdgeLocker Ransomware is designed to enter the victim’s computer undetected, delivered in a corrupted spam email attachment. During its attack, the EdgeLocker Ransomware uses RSA encryption to make the...

Posted on January 2, 2017 in Ransomware

Grandburst.com

The Grandburst.com portal serves as the official page for the Grand Burst extension. The Grand Burst extension supports Internet clients based on the Chromium project, which includes Google Chrome, SRWare Iron, Vivaldi, Epic Browser, Yandex Browser and Opera. You may see the extension from Grandburst.com listed as Grand Burst Chrome New Tab Extension in software packages that include programs from third parties. Software bundling is a tactic used by freeware and shareware developers to help each other reach more Windows users. The practice is abused by adware developers as well, who hope that many users would rush the installation using the ‘Express’ or ‘Typical’ option and allow a potentially unwanted program to work on the computer. The Grand Burst extension is promoted as a suite of customizations to the...

Posted on December 30, 2016 in Possibly Unwanted Program