WebDiscover Browser is an adware threat developed by a Canada-based company named WebDiscover Media. Once installed on a PC, the malicious app makes a series of unwanted changes to all browsers installed on the computer, leading to a deteriorating online surfing experience. WebDiscover replaces the default home pages and search engines of affected Internet browsers with its own WebDiscover Homepage and WebDiscover Search, respectively. Furthermore, the malicious app modifies the “new tab” settings so that the corrupted browsers launch the malware's own search portal page when the user opens a new tab. Chrome users may not even recognize WebDiscover as an unwanted program and think they...

Getting an OS system error message while working on a project can be quite an unpleasant surprise. Whether relating to MS Windows, or Mac OS, such a bug is always bound to disrupt your normal computer work. While some errors tend to be system-specific, others can affect both Windows and Mac-based systems, albeit designating totally different problems. The so-called Code 43 error message, for example, is primarily associated with device driver problems in Windows PCs, on the one hand, and file transfer issues on Mac machines, on the other. If you are using Windows and looking for a way to fix this specific error, click here for a guide with possible solutions. If you are a Mac user,...

The APT (Advanced Persistent Threat) group was spotted sending out spear-phishing emails that allegedly have detailed information about COVID-19, a.k.a. Coronavirus, but instead, they infect the victims with a custom remote access Trojan (RAT). The group is using the coronavirus pandemic to infect unsuspecting victims with a previously unseen malware. The malware is dubbed 'Vicious Panda' by researchers, with the attackers using it in a campaign at the moment. Researchers managed to find two Rich Text Format (RTF) files that were targeting the Mongolian public sector during the outbreak. Once the files are open, a unique and custom-made remote access Trojan is executed. It develops a list...

Ransomware threats often target unsuspecting users at random, using different propagation tricks. However, this is not the case with the newly uncovered WastedLocker Ransomware. It would appear that the WastedLocker Ransomware only goes after businesses located in the United States. After security experts studied this new file-locker, they found that it is likely created by the cybercriminals that developed and distributed the notorious Dridex banking Trojan. According to researchers, the con-artists in question have also launched campaigns propagating the BitPaymer Ransomware and the Locky Ransomware. This Week In Malware Ep 13: Evil Corp Hackers Blocked from Deploying WastedLocker Ransomware Recently, authors of ransomware threats have been using a new trick to further pressure their victims into paying the ransom fee. Many...

The Pykw Ransomware is a brand-new file-locker that appears to go after users at random. Instead of selecting their victims carefully, the authors of the Pykw Ransomware are trying to propagate this threat as far and wide as possible. The more users it affects, the more likely it is for the Pykw Ransomware creators to generate significant revenue. This new file-locker is a variant of the infamous STOP Ransomware. Propagation and Encryption If you fall victim to the Pykw Ransomware, your system will be scanned and your data located. This is done right before the Pykw Ransomware triggers the encryption process. This nasty Trojan would use a secure encryption algorithm to lock the targeted files. Threats like the Pykw Ransomware usually go after a wide variety of filetypes, which include .mp3, .aac, .midi, .mid, .wav, .mov, .webm, .mp4,...

IT Ransomware is a brand-new data-locking Trojan that appears to be a rather basic project. This file-locker is also known as the CobraLocker Ransomware. Despite not being a very high-end threat, the IT Ransomware is fully capable of causing significant damage to its targets. Unfortunately, the IT Ransomware does not appear to be decryptable for free. Propagation and Encryption Threats like the IT Ransomware often go after a variety of filetypes that are likely to be present on the system of every regular user. This means that the IT Ransomware will not spare any images, documents, presentations, databases, spreadsheets, archives, audio files, videos and other filetypes that are common. As a result of an attack by the IT Ransomware, the majority of your data will be encrypted with a secure encryption algorithm. Every file that gets...

Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm, Symantec, has discovered specific factors that determine why a certain country is plagued with cybercrime more so or less than another which allowed them to come up with a ranking for each. Symantec has ranked 20 countries that face, or cause, the most cybercrime. In compiling such a list, Symantec was able to quantify software code that interferes with a computer's normal functions, rank zombie systems, and observe the number of websites that host phishing sites, which are designed to trick computer users into disclosing personal data or banking...

Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles, the days of robbing banks in person are gone and now it all takes place behind a screen of a computer connected to the Internet. The Internet can be the most useful tool in business, school or every-day life. At the same time, the Internet can make someone's life a living hell in the event that one becomes the next victim of a cybercrime. A large percentage of the world's population that uses computers over the Internet are aware of cybercrime and the consequences that they may face if they succumb to a cybercriminals' trap. Others who have no clue as to the dangers they...

A typical deceptive campaign is disguising harmful threats as legitimate security programs in order to steal money from inexperienced victims. AntiMalware is a particularly short-named version of this campaign, with clones with names such as Active Security and Total Security. AntiMalware uses an interface that is very similar to the Windows Defender and legitimate Microsoft security programs, to make the victim believe that AntiMalware is a legitimate anti-malware application. Observing AntiMalware's design, you will quickly spot authentic-looking Windows and Microsoft Security Essentials logos as well as a layout that may seem familiar to most users of legitimate Microsoft Security...

Computer users that see a site named Nraddramatica.club may become a victim of a well-used social engineering scheme. The Nraddramatica.club site will display pop-up notifications trying to induce unsuspecting users to subscribe to its alerts, promising them some advantage. Nraddramatica.club may use a tactic known as 'Click here to prove you are not a robot.' These unwanted websites exhibit these notifications to trick users into allowing Nraddramatica.club to display as many notifications it wants. If the PC users decide to allow it, Nraddramatica.club will use its privileges to spam the users with a flood of unwanted advertisements by using their browser. These advertisements may become a nuisance since they may cover parts of the content of the websites the users are trying to read. Even when the browser is disabled, the...

Users who land on Agendant.club may soon fall victim to a social engineering tactic. The website will generate pop-up notifications tempting the unsuspecting users to subscribe to its alerts for some vague benefit, or it may even try to trick them through a 'Click here to prove you are not a robot' message. No matter what the actual text is, the goal of these notifications is to trick the users into giving Agendant.club push notification permissions. If allowed, Agendant.club will then abuse its privileges to spam the user with a stream of unwanted advertisements directly in the browser. The advertisements may even start covering up some of the content of the websites. Even closing the browser altogether will not mitigate the influx of advertisements. While these social tactics are not that unsafe, clicking on any of the advertisements...

Companice.club is a fake website that uses social engineering tricks to fool the user into giving it permission to show push notifications. The result of this is that anyone who falls for it will now experience a stream of unsolicited advertisements being displayed into their browser directly. Companice.club will have sufficient permissions so that even if the user decides to close their browser, that will not stop the pop-up advertisements from being generated on their screen. Users are strongly advised not to subscribe to any alerts offered by Companice.club. They shouldn't click on any of the notification messages displayed on the website, either. One possible notification displayed by Companice.club is: Сompanice.club wants to Show notifications Please Press Allow to Continue Watch! The site also may claim that users should click...

Lwhitectionphy.club has been discovered to be a browser hijacker with the intent of gaining access to display notifications on the screen of computers plagued with browser hijacker components. Such components related to Lwhitectionphy.club are usually loaded on a system when the user installs bundled software or freeware apps from third party download sites. Upon the components or browser extensions related to Lwhitectionphy.club being loaded, the Lwhitectionphy.club site may be set as a default home page or new tab page. From there, Lwhitectionphy.club could load at random where it attempts to get permission to load other notifications, which may bombard computer users with misleading pop-ups. Those seeking relief from the Lwhitectionphy.club pop-ups and notifications will want to utilize a trusted antimalware resource to...

Llisthonolialate.club is one of a growing number of browser hijacker sites that play on seeking permission to display ridiculous pop-up notifications on Windows PCs. The pop-ups from Llisthonolialate.club are initially to give the hijacker access to display other notifications, which may come in the form of offering malicious content or services. The Llisthonolialate.club web page my appear to be harmless until it begs for notification permission, which may also alter certain web browser settings thus causing unwanted site redirects or at least setting the Llisthonolialate.club site as a default home page or new tab page. Removal of the Llisthonolialate.club hijacker and its components is necessary to stop the unwanted notifications from displaying, which can be done using a trusted antimalware tool.

Denmaccatory.club is a malicious website that looks to have an objective of displaying alert messages on a computer by first demanding permission to render the notification. The notification from Denmaccatory.club looks to be a common use of websites to gain access for loading alerts while a computer user is surfing the Internet. The mischievous actions of Denmaccatory.club look to be a malicious attack on computer users, which can be averted by removal of the components associated with Denmaccatory.club causing the notifications. Comptuer users plagued with Denmaccatory.club will want to take the necessary action to fully eliminate Denmaccatory.club and its components. Such an action may require using a trusted antimalware resource to automatically detect and remove the Denmaccatory.club add-ons or browser extensions.

Hipermovies.icu has been created with a singular goal - to trick users into allowing it to show push notifications in their Web browser. To do so, the website generates several messages that tempt the user to click the "Allow" button. The text of the messages is designed to be misleading specifically. They either want the users to click 'Allow' to prove that they are not a robot or promise some vague benefit. In the case of Hipermovies.icu, the displayed notification is the following: Hipermovies.icu wants to Show notifications Please Press Allow to Continue Watch! Falling for even just one of the messages is enough, after that Hipermovies.icu will have received the required permissions to start showing unsolicited advertisements to the user. While these social engineering tactics are not on top of the most unsafe malware lists, they...

The Billy's Apocalypse Ransomware is a crypto locker malware that aims to infiltrate the victim's computer, encrypt the files stored on it, and extort money for their decryption. This particular malware threat appears to be a nearly identical copy of the BlackClaw Ransomware. The major difference is that the files encrypted by Billy's Apocalypse Ransomware have ".apocalypse" added as a new extension to their file names, while the BlackClaw used ".bclaw" as an extension. Upon successful encryption of the targeted files, two files containing named "RECOVER YOUR FILES.txt" and "RECOVER YOUR FILES.hta" will be created into every folder containing encrypted files. In addition, a pop-up window containing text nearly identical to the note in the text files will be displayed. Unlike the majority of ransomware threats, the criminals behind the...

Some pieces of malware have the ability to remain unnoticed or get just the bare minimum of attention from the cybersecurity community, despite being used in cyber attacks for more than a decade. This is exactly the case with the Taidoor RAT (aka Taurus RAT), a Remote Access Trojan that was first detected way back in 2008. The Taidoor RAT, however, is now the subject of an alert report created jointly by three US agencies - Cybersecurity and Infrastructure Security Agency, which is part of the Department of Homeland Security (DHS CISA), the Department of Defense's Cyber Command (CyberCom), and the Federal Bureau of Investigations (FBI) due to the fact that this specific malware is linked to Chinese-sponsored hacker groups. The FBI Warns about a New Version of a Chinese RAT Malware Despite its age, the Taidoor RAT has remained relevant...

Modern cyber threats are usually focused on generating revenue for their creators by exploiting the victim in every possible way – some threats are dedicated to collecting payment information, while others try to collect login details and other data that may be sold to other cybercriminals. Ransomware, however, continues to be one of the favorite extortion tools in the arsenal of cybercriminals. Ransomware is a threat that works by encrypting the contents of various files and then offering to provide the victim with a recovery option in exchange for money. Over the past three years, anti-virus product vendors around the world have classified and analyzed hundreds of unique file-lockers that work in a very similar way. One of the latest additions to the list of active file-encryption Trojans is the Nile Ransomware – this threat is not...

The CryptoDarkRubix Ransomware is a threat that will damage your files, and, unfortunately, even it's creators may not help you recover your data. The creators of the CryptoDarkRubix Ransomware were unsuccessful in implementing a file-encryption process, and because of this, the files will not be encrypted properly. Instead, it will overwrite their contents with unintelligible characters. Once the CryptoDarkRubix Ransomware ha enciphered a file, recovering it would only be possible by recovering the original file from a backup. It is not clear whether the admins the CryptoDarkRubix Ransomware know about this bug, or if the malware is being used to trick users into sending them money. As soon as the ransomware is inside a computer, it will corrupt a large portion of the data, and then display a ransom demand to extort the victim. The...

Y0utube.best may be a website that is often confused for a video streaming site. While Y0utube.best could display random video content, it is best known for being a browser hijacker that has components that may load when installing freeware apps or bundled software from the Internet. The components of Y0utube.best may seek permission from a computer user to display additional notifications, which may then bombard users with an onslaught of misleading alerts and pop-ups that could easily lead to malicious sources on the Internet. In some cases, Y0utube.best may load or cause redirects as a default home page or default new tab page within popular web browser applications. In any case of Y0utube.best loading, computer users are recommended to take prompt action to safely detect and remove the Y0utube.best browser hijacker components by...

Scrutchother.club is a browser hijacker website that is known for its actions of displaying a pop-up asking for permission from the computer user to display additional notifications. Such notifications may be questionable in their content and could cause confusion when attempting to surf the Internet. The components of Scrutchother.club may be automatically loaded when installing random freeware apps or bundled software apps that are downloaded from the Internet, mostly from third party download websites. The best approach for computer users to take upon noticing the Scrutchother.club site automatically loading as a default home page or new tab page is to obtain a trusted antimalware resource to automatically find and eliminate all components associated with Scrutchother.club.

Ntentifycom.club is a site that generates pop-up messages and attempts to get computer users to allow such pop-ups to display at random. Deemed as a browser hijacker, Ntentifycom.club has associated components that may load when installing freeware or bundled software apps from the Internet. Such components are mostly in the form of browser extensions or add-ons that may have automatically loaded upon installation of other programs. The initial pop-up from Ntentifycom.club is one that seeks permission to display notifications and from there it may then bombard computer users with several notifications that could prevent normal surfing of the Internet. In any given case of having the Ntentifycom.club site load automatically either as a default home page or new tab page, computer users should scan their system for browser hijackers and...

Enumerfavo.club is a website that was found to be part of a mischievous social engineering attack that may force computer users into allowing notifications from the site to appear on their computer. The Enumerfavo.club website may not appear to be harmful but upon loading it most web browsers will allow a pop-up notification that seeks permission to display additional notifications. Those who allow the Enumerfavo.club site to display notifications may witness several alerts that could prevent them from surfing the Internet in a normal fashion or they could be presented with several annoying advertisements. Due to the actions of Enumerfavo.club it is deemed as a browser hijacker, which can and should be removed from a system. The removal process for Enumerfavo.club usually involves using the proper antimalware resource to automatically...