Track Global Malware Trends
View malware trends based on the "detection count" reports of threats found in infected PCs and on volume levels, which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If so, you may be surprised to know that there are a few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Spam Alert: Phishing Email Scam Titled ‘Bank of America Alert: Account Suspended’
We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...
Top 5 Popular Cybercrimes: How You Can Easily Prevent Them
Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles, the days of robbing banks in...

Top Articles

WannaCryptor or WanaCrypt0r Ransomware

The WanaCrypt0r Ransomware is an encryption Trojan that features a worm-like attack tactic. The WanaCrypt0r Ransomware is recognized as one of the most threatening and widespread encryption Trojans up until May 12th, 2017. The WanaCrypt0r Ransomware managed to compromise more than hundreds of thousands of systems across one hundred and forty countries on its first release to the real world. The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. The Trojan managed to block access to most of the computers connected to the National Healthcare System, and nearly 70% of the cases that involve the WanaCrypt0r Ransomware are recorded in Russia....

Posted on March 29, 2017 in Ransomware

Cerber Ransomware

The Cerber Ransomware is a ransomware infection that is used to encrypt the victims' files. The Cerber Ransomware adds the extension CERBER to every file that the Cerber Ransomware encrypts. After the Cerber Ransomware has encrypted some of the files of the victim, the Cerber Ransomware demands the payment of a ransom in exchange for the decryption key. According to Cerber Ransomware's ransom note, computer users have one week to pay the ransom amount before this amount is doubled.

The Cerber Ransomware Contains an Audio Message

As the Cerber Ransomware encrypts the victim's files, it creates TXT, HTML, and VBS files named 'DECRYPT MY FILES' with instructions on how to pay the Cerber Ransomware's ransom. These files are dropped on every folder that contains files that were encrypted by Cerber Ransomware. According to these ransom...

Posted on March 4, 2016 in Ransomware

CryptoLocker Ransomware

The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

Play-bar.net

The Play-bar.net search aggregator is similar to Ultimate-search.net, and it is a questionable service that is promoted by a browser hijacker. The Play-bar.net site is operated by Blisbury LLP and features a small search bar, a weather forecast in the top right corner and a clock widget in the top left corner. Additionally, the Play-bar.net site may offer users the option to play Adobe Flash games on online gaming platforms like Princess Games, GamesRockit and TikiArcade. The browser hijacker related to Play-bar.net is written with the purpose of diverting the Internet traffic of infected users to Play-bar.net and earning affiliate revenue. The Play-bar.net browser hijacker may modify your DNS settings and change your default search aggregator, homepage and new tab page to Play-bar.net. The Play-bar.net browser hijacker might edit your Windows Registry...

Posted on October 14, 2015 in Browser Hijackers

Cerber3 Ransomware

The Cerber3 Ransomware is a new version of a well-known ransomware Trojan. The Cerber Ransomware Trojan now uses a slightly different method during its attack. The main difference is that the files infected by the Cerber3 Ransomware can be identified through the use of .CERBER3 as the extension that identifies the files that have been encrypted in the attack. PC security analysts had observed a Cerber2 variant of this attack previously. This numbering system may indicate new versions of software, and threats are no exception. The appearance of the Cerber3 Ransomware indicates that the Cerber ransomware family is being developed and updated currently.

The Cerber3 Ransomware and Possible Updates to this Threat

The Cerber3 Ransomware was discovered recently, around the end of August of 2016. The Cerber3 Ransomware presents minor...

Posted on September 1, 2016 in Ransomware

DNS Unlocker

The DNS Unlocker is adware that has caught the attention of PC security researchers. Many computer users have been using programs like the DNS Unlocker to bypass region-locking components in online applications. The DNS Unlocker, in particular, has been advertised as a way for computer users to access Netflix for regions outside of their location. PC security analysts strongly recommend against this approach. There are numerous applications available that supposedly allow computer users to modify their IP or connect to certain websites that are blocked for certain regions. However, this is a common way for adware developers to distribute their low-level and mid-level threats. In several situations, it may be better to avoid using these types of components or to look for reputable options even if they are slightly more expensive than...

Posted on June 15, 2015 in Adware

Tavanero.info

Tavanero.info is a bogus search engine that is associated with a PUP (Potentially Unwanted Program). Tavanero.info attempts to mimic the look and feel of the Google search engine to mislead computer users. Tavanero.info uses the Google logo colors in its layout and even includes the term 'Google™ Custom Search,' despite the fact that Tavanero.info has no affiliations with Google. Tavanero.info should be considered for what it is, a bogus search engine that may be used to expose computer users to potentially harmful online advertisements and content. There is no legitimate connection between Tavanero.info and Google, despite this fake search engine's claims.

The Activities of Tavanero.info and Its Associated PUP

Tavanero.info is linked to a type of PUP known as a browser hijacker, mainly because these components may be used to hijack...

Posted on September 6, 2016 in Browser Hijackers

Tech-connect.biz

If Tech-connect.biz starts appearing as your homepage and search engine, this means that your computer is housing a browser hijacker. Then you wonder how it could have happened if it wasn't you who introduced Tech-connect.biz on your machine. The answer is very simple; browser hijackers may be part of the installation of free software you downloaded from the Web recently. This is a well-used method since the computer users may be in a hurry when installing the free program they need and, instead of choosing 'Advanced' or 'Custom,' use the quickest installation method, skipping its EULA and additional details and unknowingly giving the browser hijacker, adware, and PUPs permission to be installed. Although not threatening, Tech-connect.biz may cause a series of inconveniences to the computer users, such as appending the argument...

Posted on September 15, 2016 in Browser Hijackers

Zepto Ransomware

The Zepto Ransomware is a variant of the Trojan Locky Ransomware. The Zepto Ransomware is designed to infect all versions of the Windows operating system, from Windows XP all the way to Windows 10. Ransomware Trojans like the Zepto Ransomware are especially threatening because, even if removed, the victim's files will still be inaccessible. Essentially, the Zepto Ransomware takes the victim's files hostage, encrypting them and demanding the payment of a ransom to decrypt them. Since the files encrypted by the Zepto Ransomware are impossible to recover without access to the decryption key, PC security analysts advise that computer users take immediate preventive measures to avoid becoming victims of this and similar ransomware Trojan attacks.

The Files Encrypted by the Zepto Ransomware may be Lost Forever

When the Zepto Ransomware is...

Posted on June 29, 2016 in Ransomware

CryptoWall Ransomware

The CryptoWall Ransomware is a ransomware Trojan that follows the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware. The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted data....

Posted on May 12, 2014 in Ransomware

Alureon

Alureon is one of the most dangerous malware infections. The Alureon Trojan and rootkit can search a computer system's network traffic and extract account information, passwords, online banking data and credit card information. The Alureon Trojan is responsible for several well-publicized attacks on computer systems using Windows operating systems. Microsoft has released several patches for their operating system, in order to undo some of the effects of this dangerous malware invader. According to PC security researchers, as of 2010, Alureon was responsible for the second-largest botnet and a host of spam email and DDoS attacks.

A Timeline of the Alureon Rootkit

According to PC security researchers, the first infections of the Alureon rootkit were detected in 2006. Most computer systems become infected with the Alureon malware...

Posted on February 23, 2009 in Trojans

From Doc to Pdf Toolbar

The From Doc to Pdf Toolbar is a creation of Mindspark Interactive Network Inc. and a Possibly Unwanted Program that computer users can download from its website, Fromdoctopdf.com. The From Doc to Pdf Toolbar may attract the attention of computer users that need to convert their files to .doc because it promises to convert PDF, DOC, TXT, RTF, XLS, PPT, BMP, JPG, TIFF and more to .doc as long as it is installed on a computer running Windows 7, 8, 10, Vista, and XP. However, the From Doc to Pdf Toolbar may replace your new tab page or homepage with MyWay.com. Although downloaded and installed by the computer owner, the offered functions of From Doc to Pdf Toolbar may be unwanted. If you installed the From Doc to Pdf Toolbar on your machine but are not satisfied with its adverse secondary effects, you should consider uninstalling From...

Posted on July 24, 2013 in Potentially Unwanted Programs

Right Coupon

Right Coupon is a PUP (potentially unwanted program)/adware that may be generated to show intrusive pop-up advertisements on the PC and unwillingly divert computer users to a variety of questionable websites claiming that the computer user has won some prizes. The pop-up advertisements of Right Coupon may come with the text 'Hottest Deals!' or 'Hot Deals!'. Computer users may typically get irritated by the non-stop Right Coupon pop-up advertisements being repeatedly shown on the PC. Right Coupon may proliferate and infiltrate into the computer system through packaged free applications. After installation on the PC, Right Coupon may insert an unwanted free toolbar or a Web browser...

Posted on March 20, 2014 in Adware

Elex Hijacker

The Elex Hijacker is a Web browser hijacker that may take over a Web browser, change its homepage and other settings and prevent computer users from restoring their Web browser to its default setting. The Elex Hijacker may be associated with a variety of other unwanted symptoms. The main reason the Elex Hijacker is considered a browser hijacker is that its main purpose is to take over a Web browser to force computer users to view certain websites repeatedly and open new Web browser windows and tabs while the computer users attempt to use their computers. The Elex Hijacker is promoted as a useful Web browser extension or add-on. However, PC security researchers have determined that the Elex Hijacker does not offer any useful or beneficial service. Rather, the Elex Hijacker is designed to make money at the expense of...

Posted on December 12, 2015 in Browser Hijackers

CounterFlix

The Counterflix software is advertised as an application that can allow users to load geo-restricted content from services like Hulu, Pandora and Netflix. PC users that live in countries like India, China, and Russia, where Internet censorship applies, may be interested in installing Counterflix. The services provided by Counterflix are available through the app and the modification of your DNS configuration. The setup page for Counterflix can be found at Counterflix.com and users will need to edit their system settings to install Counterflix correctly. You should note that the Counterflix software is provided on an “As-Is” basis and you will not receive support from its developers. Unfortunately, the makers of Counterflix do not provide contact information like a Facebook page or a Twitter account, which you may need in case of...

Posted on October 2, 2016 in Adware

Launchpage.org

Launchpage.org is a site that resembles the native new tab page on Google Chrome up to a point where one might think Launchpage.org is a phishing page. Launchpage.org does not include the Google logo, but it has the familiar speed dial below the search bar, quick links in the top right corner, and a square icon that brings up a menu with additional tools. Web surfers can find links to social media, video sharing sites, online office suite, and online stores at Launchpage.org that they may find somewhat useful. The Launchpage.org site is reported by users who noticed that their new tab page loads Launchpage.org and they might have installed a browser add-on that modified their Internet settings. Apparently, Launchpage.org mimics the appearance of Google.com and expands the list of available links, as well as reroute users to the...

Posted on March 6, 2017 in Browser Hijackers

Cry128 Ransomware

The Cry128 Ransomware is a ransomware Trojan that is a variant of Crypton, a ransomware family that includes the recently released Cry9 Ransomware variant. The Cry128 Ransomware and its variants are being delivered by attaching corrupted macro-enabled files to spam email messages. These files exploit a vulnerability in Windows that allows con artists to download and execute threats onto the victim's computer. The Cry128 Ransomware seems to be targeted towards English speakers and will encrypt the victim's files to demand the payment of a ransom.

The Cry128 Ransomware Attack

Like most ransomware Trojans, the Cry128 Ransomware is designed to infiltrate a computer and take the victim's files hostage, encrypting them using a strong encryption algorithm. Among the many file types that the Cry128 Ransomware will encrypt, the following are...

Posted on May 5, 2017 in Ransomware

Luckysite123.com

The Luckysite123.com domain has been linked to Web browser redirects that may be caused by browser hijackers, Potentially Unwanted Programs (PUPs), adware, and various other parasites or low-level threats. The Luckysite123.com website is designed to impersonate a legitimate search engine, as well as offer various other supposed features. The Luckysite123.com layout is designed to mimic Google, Yahoo, Bing, and other legitimate search websites. However, the real purpose of Luckysite123.com may not be the delivery of legitimate search results. Rather, Luckysite123.com may be designed to expose computer users to advertising material and keep tabs on their online searches and activity. Furthermore, the way in which computer users may be forced to visit and use Luckysite123.com against their will may make these websites problematic. How a...

Posted on May 16, 2017 in Browser Hijackers

More Articles

Wana Decrypt0r 3.0 Ransomware

The Wana Decrypt0r 3.0 Ransomware is a Trojan that may be introduced to computers when users open spam emails. The Wana Decrypt0r 3.0 Ransomware is not a new version of the WannaCry (WannaCryptor) Ransomware but a copycat that is using the same ransom notification window. The Wana Decrypt0r 3.0 Ransomware Trojan appears to be aimed at Chinese-speaking users. At the time of writing, the Wana Decrypt0r 3.0 Ransomware does not function as one might expect because it does not encrypt data. The samples of the Wana Decrypt0r 3.0 Ransomware acquired by cyber security experts revealed that the engine of the Trojan has more than a few flaws and does not work. It is possible that the programmers behind the Wana Decrypt0r 3.0 Ransomware may have intended to scare users into believing they are infected with the WannaCry (WannaCryptor) and rely on...

Posted on May 25, 2017 in Ransomware

Wanna Subscribe 1.0 Ransomware

The Wanna Subscribe 1.0 Ransomware is a fan-made adaptation of the WannaCryptor (WannaCry) Ransomware that functions as a screen locker Trojan. The Wanna Subscribe 1.0 Ransomware is not a file encoder and does not corrupt data on the compromised system. Instead, the users are shown a program window titled 'Wanna Subscribe v1.0' that suggests that their files were encrypted and that the price for the decryption key is to subscribe to a channel on YouTube. The window displayed by the Wanna Subscribe 1.0 Ransomware is styled after the interface used by the WannaCry (WannaCryptor) Ransomware, but it is colored in black while the original is colored in red. Both versions include a timer and a 'Decrypt' button. However, there is no need to subscribe to the channel promoted by the Wanna Subscribe 1.0 Ransomware and tolerate the Trojan. The Wanna...

Posted on May 25, 2017 in Ransomware

MoWare H.F.D Ransomware

The MoWare H.F.D Ransomware is a file encoder Trojan based on the HiddenTear open-source project published by Utku Sen back in 2015. The MoWare H.F.D Ransomware is hardly a unique threat, and it shares code with dozens of other Trojans such as the Kripto64 Ransomware and the Lockify Ransomware. The MoWare H.F.D Ransomware is distributed the same way as most crypto-threats: through spam emails and links to corrupted pages on the Internet. The MoWare H.F.D Ransomware Trojan is aimed at English-speaking users, but that is not a limiting factor considering the threat can be found on machines located outside countries where English is the primary language. Compromised users may find 'hiddentears.exe' on their main drive, which is known to be used by the MoWare H.F.D Ransomware. AV vendors may flag the objects related to the MoWare H.F.D Ransomware...

Posted on May 25, 2017 in Ransomware

4rw5w Ransomware

The 4rw5w Ransomware is an encryption Trojan that is programmed to encrypt data on compromised machines and welcome the affected users to transfer 30 USD worth of Bitcoins to a particular wallet address if they want to recover their data. The 4rw5w Ransomware appears to be the work of an independent team of threat programmers who target English-speaking users. The 4rw5w Ransomware was reported for the first time on May 24th, 2017. The payload for the 4rw5w Ransomware may be released to Windows users via spam emails, which means that the 4rw5w Ransomware also might be found on computers that belong to non-English speakers. The Trojan is reported to run as '4rw5wDecryptor.exe' and '4rw4w.exe' on infected devices. AV developers may refer to the files used by the 4rw5w Ransomware using the following names: Artemis!A4DEA323D161...

Posted on May 25, 2017 in Ransomware

Watch TV Now

The Watch TV Now browser extension from Polarity Technologies Ltd. is advertised as a tool that can change the layout of your new tab page, offer a custom search and improve and expand your access to TV via the Internet. The Watch TV Now extension may be added to Google Chrome and Mozilla Firefox. The app can be found in free software bundles and Watch TV Now may alter your Internet settings without your explicit consent. The Watch TV Now software is designed to force the Web browser to load Search.watchtvnow.co instead of the default new tab page. You can find the homepage for Watch TV Now by Polarity Technologies Ltd. at watchtvnow.co/Television. The links provided on Search.watchtvnow.co may offer access to content on Hulu.com, Netflix.com and Search.searchotva.com. You may want to know that the Watch TV Now extension is an...

Posted on May 25, 2017 in Possibly Unwanted Program

Nyugator.info

Nyugator.info is an unreliable website that may appear real and protected. In reality, Nyugator.info is linked to browser hijackers and adware that may lead to annoying browser diversions to unreliable websites incorporating Nyugator.info and other websites similar to it. If your computer and Web browser have been attacked by any security threats associated with Nyugator.info, the search results in any popular search provider may get unwillingly rerouted to suspicious websites involving Nyugator.info and may deliver and show random commercial pop-up advertisements and banners or advertisements and banners related to the PC user's browsing routine on the desktop of the computer. Browser hijackers and adware linked to Nyugator.info may substitute the default start page and search system with Nyugator.info, or open it in a new tab...

Posted on May 24, 2017 in Browser Hijackers

System Health Checker

The System Health Checker is a Potentially Unwanted Program (PUP) that may cause problems on targeted computers. The System Health Checker's PUP is distributed as a Web browser toolbar, extension, plug-in or add-on that may affect Google Chrome only. According to its self-promotion, the System Health Checker is designed to "Check your system health and prevent before too late." The System Health Checker may be referred to as a threat incorrectly. However, PUPs are less difficult to remove from an affected computer and seldom have long-term destructive effects. However, it is important to know that the System Health Checker may cause problems and is categorized as adware, spyware and browser hijacker because of the many symptoms with which the System Health Checker has been linked. The System Health Checker may change the affected Web...

Posted on May 24, 2017 in Possibly Unwanted Program

Cmn.world

Cmn.world is a questionable website linked to browser hijackers and adware, which masquerades as a legitimate search system; however, in truth, Cmn.world does not provide PC users with any trustworthy and safe search results related to their requests. Browser hijackers and adware associated with Cmn.world may compromise and change a Web browser and reroute the search results in any genuine search provider to suspicious websites incorporating Cmn.world forcibly. PC infections linked to Cmn.world may replace the default homepage or search tool with Cmn.world, or open it as a new tab page. If the computer users attempt to find anything on the Web by using Cmn.world, their Web browser may get diverted to suspicious commercial websites that may show random pop-up advertisements or advertisements about the Web user's surfing habits to boost...

Posted on May 24, 2017 in Browser Hijackers

Cleanserp.net

Cleanserp.net is a suspicious website and search engine classified as a browser hijacker that with the help of parasites such as adware, and changes made to the Web browser settings, may show unwanted pop-up messages and advertisements when computer users browse the Web. The pop-up messages and advertisements exhibited by Cleanserp.net may specify that a PC is infected with adware and browser hijackers so that it can offer fake security programs and similar content. Adware and browser hijackers linked to Cleanserp.net may be distributed and invade the PC through bundled free applications that computer users can download from untrustworthy websites. If a Web browser has been affected by adware and browser hijackers, highlighted words with double underlines may be displayed on all websites visited by the computer users. Although they...

Posted on May 24, 2017 in Browser Hijackers

ScreenUp

ScreenUp is an adware/potentially unwanted application that may show pop-up advertisements and messages on the PC, which may offer numerous products on well-known online shopping websites and other websites. After installation, ScreenUp may embed a browser extension, add-on or plug-in to Web browsers such as Google Chrome, Mozilla Firefox and Internet Explorer. These extensions may show pop-up ads and banners. ScreenUp may execute a variety of background processes that may slow the PC down. ScreenUp may display disturbing pop-up advertisements and messages that may be random or about the computer user's surfing routine since ScreenUp may assemble the computer user's browsing preferences and send them to marketers. ScreenUp may be produced and used with the purpose to make a profit from commercial ad clicks and messages or increased...

Posted on May 24, 2017 in Possibly Unwanted Program

CVLocker Ransomware

The CVLocker Ransomware is not a real threat infection. It looks like it was created as a scary joke without money-collecting intentions. What the CVLocker Ransomware does is lock the targeted computer so that its user will believe that there is a ransomware threat attacking the computer. Then, the CVLocker Ransomware opens a window on the victim's desktop claiming that the computer was blocked because its user was watching 'Expanding Dong,' 'Creating Bonzi Buddy' or 'MLD Montage Parodies.' The pop-up window also contains a timer that supposedly will stop its countdown as soon as the computer users send a provided email address to the people responsible for the CVLocker Ransomware. The CVLocker Ransomware may be spread to vulnerable computers by corrupted email attachments. However, due to the huge amount of ransomware Trojans that...

Posted on May 24, 2017 in Ransomware

VMola Ransomware

The VMola Ransomware is a threat infection categorized as ransomware that, once installed on a PC, shows its rather short ransom note in Rich Text Format demanding a small ransom, 0.1 BTC (approximately $230). The ransom note also provides an email address for contact, 3HuREAXxTzx9XnmTKz1xi7RPycjsQc7NN9, and demands that the victims add their emails as a note. To compromise the files and make them inaccessible, the VMola Ransomware appends the (Encrypted_By_VMola.com) extension to the original file name. The VMola Ransomware ransom message reads: '!YOUR FILES HAVE BEEN ENCRYPTED! To decrypt your files send 0.1 BTC to 3HuREAXxTzx9XnmTKz1xi7RPycjsQc7NN9 and add your email as note.' However, the advice provided by malware experts is that the affected computer users should not pay even one cent to the people behind any ransomware threat....

Posted on May 24, 2017 in Ransomware

VisionCrypt Ransomware

The VisionCrypt Ransomware is a file encoder Trojan whose appearance was reported by cyber security researchers on May 19th, 2017. The VisionCrypt Ransomware Trojan is delivered to users via spam emails and exploit kits such as Infinity. The threat is named after the program file 'VisionCryptor.exe' that was found on infected machines. The VisionCrypt Ransomware is classified as a mid-tier crypto-threat that requires users to keep a program window titled 'VisionCrypt 2.0' opened if they intend to cooperate. The VisionCrypt Trojan is designed to encipher data on compromised computers, inform the users that their photos and documents have been enciphered and welcome the users to pay for the decryption service. The VisionCrypt Ransomware appears to be aimed at English-speaking users and it is reported to corrupt files with the following...

Posted on May 23, 2017 in Ransomware

Decryption Assistant Ransomware

The Decryption Assistant Ransomware was uncovered by PC security investigators while analyzing suspicious samples submitted to an online security platform. Evidently, the authors of the Decryption Assistant Ransomware uploaded samples of their work-in-progress Trojan to a respected online platform to check if AV scanners can detect the corrupted code they wrote. At the time of writing, the Decryption Assistant Ransomware is under development, and there isn't a campaign to distribute the Decryption Assistant Trojan to users. The Decryption Assistant Trojan is designed to function like the May Ransomware and the CryptoViki Ransomware, which were released a few days prior to the discovery of the Decryption Assistant. The Decryption Assistant Ransomware may be under development, but its encryption engine is fully operational. The Decryption...

Posted on May 23, 2017 in Ransomware

D2+D Ransomware

The D2+D Ransomware is a Trojan that was reported on May 21st, 2017. The D2+D Ransomware appears to be aimed at English-speaking users and may be delivered to users via spam emails, corrupted links and pirated software. There are reports connected to the D2+D Ransomware, which suggest the Trojan might be distributed as pirated copies of PC games and shareware. Hence, users that download torrents with illegally acquired content might invite the D2+D Ransomware into their systems. The D2+D Ransomware may look like a standard encryption Trojan such as the XData Ransomware and the BlockFile12 Ransomware, but it is not. An in-depth analysis of samples that belong to the D2+D Ransomware revealed that the threat is more similar to the 'Your computer is locked !' Screenlocker and the 'NTK Screenlocker.' The D2+D Ransomware is a Trojan that...

Posted on May 23, 2017 in Ransomware