Track Global Malware Trends
View the trending of malware based on the "detection count" reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Spam Alert: Phishing Email Scam Titled ‘Bank of America Alert: Account Suspended’
We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...
Top 5 Popular Cybercrimes: How You Can Easily Prevent Them
Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles, the days of robbing banks in...

Top Articles

CryptoLocker Ransomware

CryptoLocker Ransomware screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

Play-bar.net

The Play-bar.net search aggregator is similar to Ultimate-search.net, and it is a questionable service that is promoted by a browser hijacker. The Play-bar.net site is operated by Blisbury LLP and features a small search bar, a weather forecast in the top right corner and a clock widget in the top left corner. Additionally, the Play-bar.net site may offer users to play Adobe Flash games on online gaming platforms likePrincess Games, GamesRockit and TikiArcade. The browser hijacker related to Play-bar.net is written with the purpose of diverting the Internet traffic of infected users to Play-bar.net and earn affiliate revenue. The Play-bar.net browser hijacker may modify your DNS settings and change your default search aggregator, homepage and a new tab to Play-bar.net. The Play-bar.net browser hijacker might edit your Windows Registry...

Posted on October 14, 2015 in Browser Hijackers

Cerber Ransomware

The Cerber Ransomware is a ransomware infection that is used to encrypt the victims' files. The Cerber Ransomware adds the extension CERBER to every file that the Cerber Ransomware encrypts. After the Cerber Ransomware has encrypted some of the files of the victim, the Cerber Ransomware demands the payment of a ransom in exchange for the decryption key. According to Cerber Ransomware's ransom note, computer users have one week to pay the ransom amount before this amount is doubled. The Cerber Ransomware Contains an Audio Message As the Cerber Ransomware encrypts the victim's files, it creates TXT, HTML, and VBS files named 'DECRYPT MY FILES' with instructions on how to pay the Cerber Ransomware's ransom. These files are dropped on every folder that contains files that were encrypted by Cerber Ransomware. According to these ransom...

Posted on March 4, 2016 in Ransomware

Cerber3 Ransomware

The Cerber3 Ransomware is a new version of a well-known ransomware Trojan. The Cerber Ransomware Trojan now uses a slightly different method during its attack. The main difference is that the files infected by the Cerber3 Ransomware can be identified through the use of .CERBER3 as the extension that identifies the files that have been encrypted in the attack. PC security analysts had observed a Cerber2 variant of this attack previously. This numbering system may indicate new versions of software, and threats are no exception. The appearance of the Cerber3 Ransomware indicates that the Cerber ransomware family is being developed and updated currently. The Cerber3 Ransomware and Possible Updates to this Threat The Cerber3 Ransomware was discovered recently, around the end of August of 2016. The Cerber3 Ransomware presents minor...

Posted on September 1, 2016 in Ransomware

DNS Unlocker

The DNS Unlocker is adware that has caught the attention of PC security researchers. Many computer users have been using programs like the DNS Unlocker to bypass region-locking components in online applications. The DNS Unlocker, in particular, has been advertised as a way for computer users to access Netflix for regions outside of their location. PC security analysts strongly recommend against this approach. There are numerous applications available that supposedly allow computer users to modify their IP or connect to certain websites that are blocked for certain regions. However, this is a common way for adware developers to distribute their low-level and mid-level threats. In several situations, it may be better to avoid using these types of components or looking for reputable options even if they are slightly more expensive than...

Posted on June 15, 2015 in Adware

Tavanero.info

Tavanero.info is a bogus search engine that is associated with a PUP (Potentially Unwanted Program). Tavanero.info attempts to mimic the look and feel of the Google search engine to mislead computer users. Tavanero.info uses the Google logo colors in its layout and even includes the term 'GoogleTM Custom Search,' despite the fact that Tavanero.info has no affiliations with Google. Tavanero.info should be considered for what it is, a bogus search engine that may be used to expose computer users to potentially harmful online advertisements and content. There is no legitimate connection between Tavanero.info and Google, despite this fake search engine's claims. The Activities of Tavanero.info and Its Associated PUP Tavanero.info is linked to a type of PUP known as a browser hijacker, mainly because these components may be used to hijack...

Posted on September 6, 2016 in Browser Hijackers

Tech-connect.biz

If Tech-connect.biz start appearing as your homepage and search engine, this means that your computer is housing a browser hijacker. Then you wonder how it could have happened if wasn't you who introduced Tech-connect.biz on your machine. The answer is very simple; browser hijackers may be part of the installation of a free software you downloaded from the Web recently. This is a well-used method since the computer users may be in a hurry when installing the free program they need and instead of choosing 'Advanced' or 'Custom,' used the quickest installation method, skipping its EULA and additional details, giving the browser hijacker, adware, and PUPs, the permission to be installed unknowingly. Although not threatening, Tech-connect.biz may cause a series of inconveniences to the computer users, such as appending the argument...

Posted on September 15, 2016 in Browser Hijackers

Antivirus Security Pro

Antivirus Security Pro screenshot

Antivirus Security Pro is a rogue security application that belongs to a large family of rogue security software known as . Antivirus Security Pro is a fake security program that is disguised as a legitimate anti-virus application. Antivirus Security Pro does this by displaying false positives and bogus security warnings on the victim's computer. There are several ways in which criminals distribute Antivirus Security Pro, including malicious attack websites and spam email messages containing malicious attachments. Security analysts consider that Antivirus Security Pro presents a threat to your computer. Because of this, ESG security researchers strongly recommend that computer users...

Posted on August 22, 2013 in Rogue Anti-Spyware Program

Zepto Ransomware

The Zepto Ransomware is a variant of the Trojan Locky Ransomware. The Zepto Ransomware is designed to infect all versions of the Windows operating system, from Windows XP all the way to Windows 10. Ransomware Trojans like the Zepto Ransomware are especially threatening because, even if removed, the victim's files will still be inaccessible. Essentially, the Zepto Ransomware takes the victim's files hostage, encrypting them and demanding the payment of a ransom to decrypt them. Since the files encrypted by the Zepto Ransomware are impossible to recover without access to the decryption key, PC security analysts advise that computer users take immediate preventive measures to avoid becoming victims of this and similar ransomware Trojan attacks. The Files Encrypted by the Zepto Ransomware may be Lost Forever When the Zepto Ransomware is...

Posted on June 29, 2016 in Ransomware

CryptoWall Ransomware

CryptoWall Ransomware screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware. The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted data....

Posted on May 12, 2014 in Ransomware

RelevantKnowledge

RelevantKnowledge screenshot

RelevantKnowledge is software that exists in a moral grey area. RelevantKnowledge is widely considered spyware, because RelevantKnowledge will collect huge amounts of information about your Internet usage, and then use that information to put together even more information about you. That information is then sold, anonymously, either individually or as part of aggregate data. Given the way that RelevantKnowledge is installed on most computers, it is unlikely that most of those users are fully aware of the facts about RelevantKnowledge. What RelevantKnowledge is, and Where it Comes From RelevantKnowledge is a product of the company MarketScore, formerly called Netsetter. MarketScore...

Posted on April 8, 2005 in Adware

EstasAzulCorrupta

EstasAzulCorrupta is a virus, which infects Microsoft Office document files. EstasAzulCorrupta makes modifications to the files including .DOC, .XLS, and .PPT leaving them with a corrupt header. EstasAzulCorrupta doesn't modify the type of the file; however, it is impossible to open the file. EstasAzulCorrupta randomly selects which file to infect and occasionally affects other files such as .PDF and .TXT. EstasAzulCorrupta usually circulates with the help of Trojans. When run on the PC, EstasAzulCorrupta alters system settings. EstasAzulCorrupta downloads files on a variety of folders on the computer system. EstasAzulCorrupta also makes changes to the Windows Registry permitting it to start automatically every time the PC user boots up Windows. EstasAzulCorrupta takes the advantage of Microsoft Office vulnerabilities to gain remote...

Posted on October 23, 2013 in Viruses

OnlineMapFinder

OnlineMapFinder is a potentially unwanted program (PUP) that is advertised at Free.onlinemapfinder.com/index.jhtml as a premium Web-app. The OnlineMapFinder application is developed by Mindspark Interactive Network, Inc. and is described at Free.onlinemapfinder.com/index.jhtml as "Maps, Driving Directions and more in one Chrome New Tab" briefly. The OnlineMapFinder application works as a browser extension/add-on that you can attach to Internet Explorer, Google Chrome, and Mozilla Firefox. You may find the OnlineMapFinder useful if you are traveling around the world with a laptop on your back. The OnlineMapFinder app may load exciting content from sources like Maps.nationalgeographic.com, Historicaerials.com, and Mapquest.com. OnlineMapFinder may be eliminated by going through the web browser add-ons and extensions menu to find and...

Posted on March 4, 2014 in Potentially Unwanted Programs

Elex Hijacker

The Elex Hijacker is a Web browser hijacker that may take over a Web browser, change its homepage and other settings and prevent computer users from restoring their Web browser to its default setting. The Elex Hijacker may be associated with a variety of other unwanted symptoms. The main reason that makes the Elex Hijacker is considered a browser hijacker is because its main purpose is to take over a Web browser to force computer users to view certain websites repeatedly and open new Web browser windows and tabs while the computer users attempt to use their computers. The Elex Hijacker is promoted as a useful Web browser extension or add-on. However, PC security researchers have determined that the Elex Hijacker does not offer any useful or beneficial service. Rather, the Elex Hijacker is designed to make money at the expense of...

Posted on December 12, 2015 in Browser Hijackers

Search Engage

Unwanted Web browser add-ons may force computer users to visit Search Engage repeatedly. This is a low-quality search engine that may be designed to profit from computer users by exposing them to advertisements and affiliate marketing links. Search Engage is linked to an adware component that is installed as a Web browser extension. Once installed, these adware components may make unwanted changes to the affected Web browser, forcing the computer user to visit Search Engage repeatedly and displaying numerous pop-up windows and new tabs. There are numerous ways in which adware linked to Search Engage may be distributed. Many cases have been linked to unwanted downloads that may be bundled with other software installed on the affected computer. To stop Search Engage redirects and pop-ups, PC security researchers recommend that computer...

Posted on April 25, 2016 in Browser Hijackers

CounterFlix

The Counterflix software is advertised as an application that can allow users to load geo-restricted content from services like Hulu, Pandora and Netflix. PC users that live in countries like India, China, and Russia, where Internet censorship applies may be interested in installing Counterflix. The services provided by Counterflix are available through the app and the modification of your DNS configuration. The setup page for Counterflix can be found at Counterflix.com and users will need to edit their system settings to install the Counterflix correctly. You should note that the Counterflix software is provided on an “As-Is” basis and you will not receive support from its developers. Unfortunately, the makers of Counterflix do not provide contact information like a Facebook page or a Twitter account, which you may need in case of...

Posted on October 2, 2016 in Adware

Cerber 4.0 Ransomware

The Cerber 4.0 Ransomware represents the next generation in development of the '.cerber' line of encryption Trojans. The Cerber 4.0 Ransomware joins other threats like the ORX-Locker and the Stampado Ransomware, which are offered as Ransomware-as-a-Service package. The RaaS business was pioneered by Encryptor RaaS in early 2015 and the developers of Cerber want a share of the market for ransomware. It appears that the coders behind the Cerber 4.0 Ransomware decided to open their product to foreign programmers and benefit from the expanded distribution network. A New JS Loader, New Obfuscation Layers, Customizable Encryption Engine and More The Cerber 4.0 Ransomware is said to boast several significant improvements compared to the Cerber v3. The Cerber v4 creates a unique file extension marker for every victim, and the Trojan is...

Posted on October 13, 2016 in Ransomware

Search Dimension

Computer users that use the Search Dimension services provided at Searchdimension.com might want to remove the Search Control browser extension associated with Searchdimension.com from their browser. The Search Control (a.k.a. Search Dimension) extension by Search Dimension Ltd. is classified as a Potentially Unwanted Program (PUP) that is known to show many advertisements in the browser and lack security checks on the content displayed at Searchdimension.com. The Search Control program is promoted as a privacy-centric browser extension, which can protect your identity online and block search engines from tracking your activity. Search Dimension Ltd. uses the same marketing pitch employed by Privacy Switch and the Shield Plus Privacy Protector. However, their product is very similar to the ZenSearch add-on and fails to provide privacy...

Posted on March 28, 2017 in Adware

More Articles

Pytehole Ransomware

The Pytehole Ransomware is a file encoder Trojan that was announced by security reports on April 28th, 2017. The threat appears to be aimed at English-speaking users primarily, but the Trojan might arrive on systems from outside countries like the United States of America, Great Britain, Australia, India and Canada. Cyber security investigators alert that the Pytehole Ransomware is distributed to Windows users via spam emails, corrupted links, compromised documents and exploit kits like the Infinity. The Pytehole Ransomware Trojan is named after the file 'pyte-hole.exe,' which is reported to serve as the encryption engine. The program at hand can run on 32-bit and 64-bit systems, and it is deemed as a credible threat to data on local drives, network shares and removable storage connected to the compromised machine. The Pytehole...

Posted on April 28, 2017 in Ransomware

MergeDocsNow

The MergeDocsNow browser extension by Mindspark Interactive Network, Inc. is marketed as a free tool for users that need access to PDF merge service, document conversion and PDF editing online. The MergeDocsNow extension can be found at mergedocsnow.com/index.jhtml and the Chrome Webstore. MergeDocsNow has a version for Mozilla Firefox, but its XPI package is not listed on the official Mozilla Add-ons platform. You can add MergeDocsNow as a Browser Helper Object to Internet Explorer, but there isn't a version that is compatible with the Microsoft's Edge browser. You may be interested to know that MergeDocsNow by Mindspark is an ad-supported product and behaves identically to the MergeDocsOnline Toolbar and the Convert Docs Now Toolbar released by Mindspark earlier. The MergeDocsNow may alter the design of your new tab page and start...

Posted on April 28, 2017 in Possibly Unwanted Program

Search.myprivacy.zone

The Search.myprivacy.zone domain is associated with the MyPrivacy Search Chrome New Tab software, which is a browser extension that may empower your new tab page by loading Search.myprivacy.zone by default. The MyPrivacy Search Chrome New Tab extension is advertised to offer a privacy-centric online experience to users. The MyPrivacy Search Chrome New Tab app is a re-branded version of SearchControl (a.k.a. Search Dimension). Web surfers that seek to install the 'MyPrivacy Search' extension are redirected to chrome.google.com/webstore/detail/search-control/lfalbjnnkidjfoocmmgnejicgbgjpcgh where they are invited to add 'Search Control' to their Internet browser. Both extensions are identical except for their names and associated portals on the Web. The 'MyPrivacy Search' makes the same changes as 'Search Control' and makes your browser...

Posted on April 28, 2017 in Browser Hijackers

WiseFolderLock

The WiseFolderLock software that you may encounter in free software bundles should not be mistaken for the Wise Folder Hider by WiseCleaner. The WiseFolderLock program in question is offered as an optional component to third-party free programs. WiseFolderLock can be installed and used for free as long as it is for personal usage according to the EULA (End User License Agreement) that comes with the app. As you may expect, WiseFolderLock is intended to be used as a security tool that enables users to lock and hide data in the form of individual files and folders. PC users that share their machines with members of their household, fellow students, and colleges may be interested in installing the WiseFolderLock app to protect and hide files and folders on the system and USB drives. However, you may want to reconsider adding...

Posted on April 28, 2017 in Potentially Unwanted Programs

SmartService

The SmartService software is advertised to users as a free-to-use program that allows them to access the Internet via a private VPN network. The services provided by SmartService may be appealing to PC users that wish to minimize their Web traffic, circumvent Internet censorship and access region-locked resources. However, the SmartService comes with a few surprises that you are not going to like. The SmartService software may allow you to load Web pages via a VPN connection, but the program comes with a Trojan.Clicker add-on and a rootkit-like module named 'sMark5.' Both tools are installed with the SmartService software when you install the program with administrative privileges automatically. The 'sMark5' module acts as a guarding mechanism for adware and riskware that users may install through free software bundles. The...

Posted on April 27, 2017 in Trojan

GlobalWeather

The GlobalWeather program that you might find listed in your 'Programs and Features' panel is classified as adware. A fake weather forecast widget named 'GlobalWeather' is distributed to users via free software packages. The GlobalWeather software is not what its name suggests since the program may inject advertisements in the pages your browser loads. The GlobalWeather adware does not offer a GUI (General User Interface) window, and its activity takes place in the system's background. The GlobalWeather adware may put its files in the AppData folder and register a system service named 'Weather Service,' which is enabled to start with Windows automatically. Windows 10 users that have access to the native weather forecast app may think that the 'Weather Service' is part of a Microsoft product. The GlobalWeather adware may run on Windows...

Posted on April 27, 2017 in Adware

‘Your Computer Is In Blocked State’ Pop-Ups

The 'Your Computer Is In Blocked State' pop-up messages that seem to stick to your desktop and prevent you from operating your browser are not legitimate security alerts. The 'Your Computer Is In Blocked State' pop-ups are hosted on pages that hold phishing content and advertise services from fake computer support technicians. The sites that generate the 'Your Computer Is In Blocked State' pop-up notifications may feature the title 'Microsoft Official Support Page' and include a screenshot of Support.microsoft.com that is the legitimate portal where Windows users can request assistance for help with their system. The screenshot associated with the 'Your Computer Is In Blocked State' notifications is modified and might include the 800-490-5352 toll-free phone line. As mentioned above, the pages that host the 'Your Computer Is In Blocked...

Posted on April 27, 2017 in Adware

BestZiper

The BestZiper software that you may be invited to install via a free software package is deemed as riskware and Potentially Unwanted Program (PUP). The BestZiper program does not offer ownership information and valid digital signature. The tool is promoted as a viable alternative to apps like 7Zip, WinRAR and WinZip. The BestZiper app may enable users to open, pack and extract data in the 7ZIP, RAR, ZIP and TAR file formats. You can install BestZiper via freeware packages only and its site on bestziper.com features misleading information. There are no contact details at bestziper.com, and the marketing pitch says: 'WinZip is trusted by millions of businesses and consumers to boost productivity, simplify file sharing and keep information private. The world's number one compression and encryption software, WinZip offers apps for all of...

Posted on April 27, 2017 in Adware

FlowSpirit

The FlowSpirit software from SpiritSoft is promoted at spiritsoft.cn and ipts.com as a free tool for Webmasters that are interested in boosting the traffic to their pages. The FlowSpirit software is available under the names Traffic Spirit and Flow Wizard as well. Regular PC users may not be interested in FlowSpirit, but they may encounter the app in free software bundles. FlowSpirit (a.k.a. Traffic Spirit & Flow Wizard) is a network utility that requires a lot of processing power to facilitate its operations. It is best to read the F.A.Q. section at ipts.com/aq.php if you are interested in running FlowSpirit to increase the traffic to pages you manage. The FlowSpirit program is based on a modified Blink Web rendering engine, which performs requests to various pages on the Internet via a closed VPN network. All users that run...

Posted on April 27, 2017 in Possibly Unwanted Program

RecipeKart

The RecipeKart extension from Mindspark Interactive Network, Inc. is distributed to users via freeware bundles, and some users may be surprised to find that their browser loads Hp.myway.com/recipekart/ttab02/index.html as their new tab page. The RecipeKart browser extension is designed to change your new tab layout and may change your start page in Mozilla Firefox and Internet Explorer. The RecipeKart app is advertised as a friend to users who love to cook and explore new recipes. The RecipeKart program is available for free download and installation from the following sources: www.recipekart[.]com/index.jhtml chrome.google[.]com/webstore/detail/recipekart/ogfinmklpgmohidfadiempfallpbegoc You should take in consideration that the RecipeKart extension is deemed as a Potentially Unwanted Program (PUP) that is supported by marketers....

Posted on April 27, 2017 in Possibly Unwanted Program

‘Error Ticket: WBCKL457’ Pop-Ups

Web surfers that encounter the 'Error Ticket: WBCKL457' pop-up and a dialog box that says 'Authentication Required' may think that their PCs are under attack of a third party and their systems have prevented an authorized access. However, the 'Error Ticket: WBCKL457' alert represents a fake security message that can be found on pages like err.parachi[.]org, myeffert[.]online, astrumpops[.]online and many others. The 'Error Ticket: WBCKL457' report does not refer to legitimate security warnings from trusted cyber security solutions. Fake computer support agencies are known to register dummy sites, which mimic the appearance of Support.microsoft.com. The phishing portals are rigged with a script that displays the 'Error Ticket: WBCKL457' warning to scare users into contacting a ’certified Microsoft technician’ on toll-free phone lines...

Posted on April 26, 2017 in Adware

‘Microsoft Official Support System’ Pop-Ups

Internet browsers that load pop-up windows and new tabs titled 'Microsoft Official Support System,' which display an 'Error #36589627d866a6b' error notification are likely to be under the influence of a browser hijacker. The 'Error #36589627d866a6b' error notification and the 'Microsoft Official Support System' pop-ups are associated with badware that is programmed to alter your Internet settings and redirect you to domains like hstcdnbst.men and compromised pages. We have reports that unknown hackers breach the security of safe sites, edit their file structure and index file to publish a custom-made page, which promotes computer support services on a toll-free phone line. The ad acts as a fake security warning displayed over a screenshot of Support.microsoft.com. The 'Error #36589627d866a6b' alert may feature the following phone...

Posted on April 26, 2017 in Adware

Your Daily Trailer

The Your Daily Trailer browser extension is promoted to help movie enthusiasts gain access to a broad catalog of films and explore trailers for upcoming media content. The Your Daily Trailer extension may support Google Chrome and can be found on the following pages: Yourdailytrailer.yournewtab[.]com Chrome.google[.]com/webstore/detail/your-daily-trailer/edaiejofkjoolebkceoecjgpchnfhjnf Both pages claim that the Your Daily Trailer app is "The Must-Have Chrome New Tab for Movie Fans!" and "...you can watch exciting new trailers from your New Tab page!." PC users can download and benefit from the Your Daily Trailer extension for free. However, Your Daily Trailer is a product of APN, LLC. that is developed with the support of advertising networks. When you add the Your Daily Trailer widget to your Internet client you will be invited to...

Posted on April 26, 2017 in Possibly Unwanted Program

XPan Ransomware

The Xpan Ransomware is a file encoder Trojan that was reported to compromise systems based in Brazil. The Xpan Ransomware appears to be dropped on computer networks via compromised remote desktop connections. That means the authors of the Xpan Ransomware scan vulnerable systems and attack ports that are associated with remote desktop accounts. The Xpan Ransomware was reported for the first time by small and medium businesses on April 26th, 2017. Cyber security investigators that obtained samples of the Trojan reported that it is a product of the ‘TeamXRat’ BlackHat hackers who are tied to the XRat Ransomware and the NMoreira Ransomware. Moreover, a closer look at the code that powers the Xpan Ransomware revealed that it is identical to the AiraCrop Ransomware except for a few parameters. Evidently, the Xpan Ransomware comes with a...

Posted on April 26, 2017 in Ransomware

NM4 Ransomware

The NM4 Ransomware is an encryption Trojan that was announced to the cyber security community on April 26th, 2017. Initial threat analysis showed that the NM4 Ransomware is based on the R Ransomware and the NMoreira Ransomware. Consequently, some AV vendors may refer to the NM4 Ransomware as NMoreira 4 Ransomware. The Trojan at hand belongs to the same class as the JeepersCrypt Ransomware and the Shifr Ransomware. The distribution campaign for the NM4 Ransomware involves spam emails that carry a corrupted executable and links to compromised pages that are rigged with zero-day exploits. The NM4 Ransomware is a threat to regular users and corporate networks alike. Reportedly, the NM4 Ransomware is aimed at English-speaking users, and most cases that involve the Trojan are observed in North America and Western Europe. The NM4 Ransomware...

Posted on April 26, 2017 in Ransomware
1 2 3 4 5 6 7 8 9 10 11 1,144