Top Security News

Beware of Michael Jackson One Year Death Anniversary Spam Email

To celebrate the life and legacy of one of the greatest entertainers of our time, fans around the world will once again be searching for their favorite Michael Jackson song and paying tribute to the King of Pop as we approach his one-year death anniversary. After the death of Michael Jackson on...

Warning: Menacing BlackHole Exploit Kit Targeting Windows PCs Now Available to Hackers for Free

Christmas has come early for novice hackers and criminals looking to get their share of the scam operatives flooding the Internet after someone publicly set free not one but two dangerous malware tools in just under 30 days. Once available as a password-protected archive, the Zeus malware kit and...

Hackers Attack Citibank Pilfering over 200,000 Credit Card Customers' Personal Data

While more news on Rep. Anthony Weiner's (D-N.Y.) online sex scandal continues to appear, another hacking incident has occurred: this time, hackers broke into Citibank's computers, stealing account numbers, names and contact information. Citibank, one of the four biggest banks in the USA, discovered a data...

Top Articles

RobinHood Ransomware

The RobinHood Ransomware (RobbinHood Ransomware or RobbinHood File Extension Ransomware) is a ransomware Trojan that is used to harass computer users under the pretext of raising awareness and funds for the people of Yemen. In fact, there is no evidence to support the theory that the creators of the RobinHood Ransomware have altruistic motives. It is more likely that the con artists are using the RobinHood Ransomware to profit, just as the creators of most encryption ransomware Trojans do today. However, the ransom demand in the case of the RobinHood Ransomware is extremely high, making it very unlikely that any individual PC users will pay the RobinHood Ransomware ransom in case of an attack. Take preventive measures against ransomware Trojans like the RobinHood Ransomware, which are becoming increasingly common. Yemen...

Posted on August 4, 2017 in Ransomware

WannaCryptor or WanaCrypt0r Ransomware

The WanaCrypt0r Ransomware is an encryption Trojan that features a worm-like attack tactic. The WanaCrypt0r Ransomware is recognized as one of the most threatening and widespread encryption Trojans up until May 12th, 2017. The WanaCrypt0r Ransomware managed to compromise hundreds of thousands of systems across one hundred and forty countries on its first release to the real world. The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. The Trojan managed to block access to most of the computers connected to the National Healthcare System, and nearly 70% of the cases that involve the WanaCrypt0r Ransomware are recorded in Russia....

Posted on March 29, 2017 in Ransomware

Ryuk Ransomware

The Ryuk Ransomware is a data encryption Trojan that was identified on August 13th, 2018. It appears that private companies and healthcare institutions have been compromised with the Ryuk Ransomware. Threat actors were reported to have infected organizations in the USA and Germany. Initial analysis suggests the threat was injected into systems through compromised RDP accounts, but it is possible that there is a parallel spam campaign that carries the threat payload as macro-enabled DOCX and PDF files. General Facts and Attribution Ryuk Ransomware appeared in the middle of August 2018 with several well-planned targeted attacks against major organizations worldwide, encrypting data on infected PCs and networks and demanding the payment of a ransom in exchange for a decryptor tool. Ryuk does not demonstrate extremely advanced technical skills,...

Posted on August 23, 2018 in Ransomware

More Articles

Phoenix Keylogger

In July 2019, malware researchers spotted a new threat that was being advertised on hacking forums. Its name is the Phoenix Keylogger, and it is being offered as a ‘malware-as-a-service.’ One can rent the Phoenix Keylogger for as low as $14.99/month. For con artists who would like to have it for a longer period, the creators of the Phoenix Keylogger also offer $34.99/3 months and $78.99/lifetime subscriptions. This is not a very high price, and it is likely that more and more shady individuals will subscribe to the Phoenix Keylogger and spread this nasty threat. Capabilities Since its release in July, the Phoenix Keylogger has been improved greatly. Its creators have added new capabilities and improved the self-preservation features of the threat. The Phoenix Keylogger is capable of detecting whether it is being launched in a sandbox...

Posted on November 20, 2019 in Keyloggers

FakeAdsBlock

Nowadays, a smartphone has become part of almost everyone's life, and it is only natural that shady individuals will try to find a way to exploit this. This is why the number of malware strains and dodgy software targeting smartphones is certainly on the rise. Another pest that targets tablets and smartphones is adware. Creators of adware invent new techniques to convince the user to give their application the permissions it requires and then begin spamming advertisements constantly. Among the newest Android adware is one called FakeAdsBlock. It seems that the developers of the FakeAdsBlock adware are propagating it through third-party Android application stores. Funnily enough, the authors of the FakeAdsBlock adware have opted to mask their creation as an application that is meant to block advertisements. However, as you may...

Posted on November 20, 2019 in Adware

CyborgLock Ransomware

A growing number of cybercriminals are taking an interest in developing and distributing ransomware threats. Some are highly skilled individuals, while others are much less experienced in the field of malware. The CyborgLock Ransomware is among the most recently spotted file-locking Trojans, and experts believe that this threat may be the creation of a less experienced individual. What leads malware researchers to believe this is that the ransom fee is demanded in the form of Amazon gift cards. Most creators of ransomware threats tend to require the fee be paid in Bitcoin or other popular cryptocurrencies, as this would be untraceable. Propagation and Encryption The propagation techniques used in the spreading of the CyborgLock Ransomware remain unknown. It is likely that the attackers are using spam emails with macro-laced attachments,...

Posted on November 20, 2019 in Ransomware

Wacatac Ransomware

The Wacatac Ransomware is a threat that at first glance appears to be a file-locking Trojan, but it does not function as a ransomware threat because it lacks the ability to encrypt data. This threat is also known as the DeathRansom Ransomware. Since the Wacatac Ransomware is not capable of encrypting your data, you would be able to reverse the damage done to your files easily. When the Wacatac Ransomware infiltrates your system and targets your files, it will alter them by adding a ‘.wctc’ extension to their names. This means that a file that you had named ‘awareness.mp3’ will be renamed to ‘awareness.mp3.wctc.’ However, if you want your files to be usable again, all you have to do is remove the ‘.wctc’ extension that is at the end of the filenames. The Ransom Note The Wacatac Ransomware drops a ransom note on the user’s desktop as an...

Posted on November 20, 2019 in Ransomware

Inter

In the past, the term skimming used to be linked exclusively to crooks collecting credit card data from ATMs (Automated Teller Machines). The operation would be carried out by the criminals installing a well-masked piece of hardware onto an ATM and then gathering the sensitive credit card data of users who use the machine. However, cyber crooks have also taken an interest in skimmers, and a new kind of malware has been developed, which is often referred to as online skimming. Usually, an online skimmer would consist of difficult-to-detect JavaScript code that is injected into the check-out page of an online store. Of course, the online skimmer would not change the interface or functionality of the compromised website, and users will be oblivious to its unsafe activity. This allows the operators of the online skimmer to collect the credit...

Posted on November 19, 2019 in Malware

ACBackdoor

Most malware strains target machines running Windows, as this is undoubtedly the most popular operating system in the world. However, this does not mean that systems running alternative operating systems like OSX or Linux are impenetrable fortresses. Recently, researchers spotted a new malware strain that is capable of targeting various operating systems. The name of the threat is ACBackdoor, and it appears to be compatible with both Linux and the Windows OS. The Linux variant of the ACBackdoor is rather impressive. The Linux-based ACBackdoor executes its code without files, which reduces the footprint of the threat on the compromised device. Furthermore, this variant of the ACBackdoor can tamper with the properties of the running processes on the infected host. However, it would appear that the creators of the ACBackdoor likely...

Posted on November 19, 2019 in Backdoors

Dom Ransomware

Ransomware threats are perhaps one of the worst malware types one may have to deal with. These nasty data-locking Trojans sneak into the computers of unsuspecting users, encrypt all their data, and then extort them for money. To make matters worse, this is certainly among the most popular malware types that are being distributed daily. One of the latest ransomware threats spotted is called the Dom Ransomware. The Dom Ransomware belongs to the popular Scarab Ransomware family. Propagation and Encryption Malware researchers have not yet uncovered what the infection vectors used in the propagation of the Dom Ransomware are. One of the most well-used methods of distributing threats of this kind is spam emails. The fake email would contain a fraudulent message whose goal is to convince the user to launch the attached file by making it seem...

Posted on November 19, 2019 in Ransomware

Mbed Ransomware

Ransomware threats are one of the most popular malware types in recent years. They are simple to build (provided that one uses a ransomware building kit), easy to distribute, and capable of causing great damage to their targets. Among the most recently spotted threats of this class is the Mbed Ransomware. When researchers uncovered and dissected this Trojan, they found that it is a variant of the infamous STOP Ransomware family. Without a doubt, the STOP Ransomware family has been the most active ransomware family throughout 2019, claiming numerous victims. Propagation and Encryption The authors of the Mbed Ransomware are likely using mass spam emails to propagate their creation. The emails would contain a fake message that utilizes various social engineering tricks to try to convince the user to open the attached file. The...

Posted on November 19, 2019 in Ransomware

NextCry Ransomware

Ransomware threats usually sneak into a computer and make sure to lock all the data present before they attempt to blackmail the victim into paying a ransom fee. However, some authors of ransomware threats are more creative. One of the newest spotted threats is called NextCry Ransomware. Instead of targeting computers, the NextCry Ransomware goes after a file-sharing service called NextCloud. The NextCloud service is popular both among regular users and small and large businesses. Users of the NextCloud platform have been targeted by the cyber crooks behind the NextCry Ransomware, and victims have had their data encrypted. Encryption and Synchronization When cybersecurity experts studied the NextCry Ransomware, they found that most of it is written in the Python programming language. The NextCry Ransomware can only operate on operating...

Posted on November 18, 2019 in Ransomware

Pipka

The Pipka malware is a skimmer written in the JavaScript programming language, which was recently spotted by VISA. Skimmers are becoming increasingly popular, as they are rather easy to build. However, despite skimmers, generally speaking, being quite easy to create, they are not as easy to use. It requires the authors of the skimmer to infiltrate a shopping website and quietly plant their tool into the compromised system. The skimmer is added to the check-out page of the website and serves to collect the payment data of the customers. The Pipka skimmer is not too different from most malware of this class. However, it does have a few interesting features, which are worth mentioning. Operates Very Silently The unsafe activity of the Pipka skimmer was initially spotted on a shopping website from North America. The online store in...

Posted on November 18, 2019 in Malware

SySS Ransomware

Ransomware threats have been plaguing online users for years. One of the most active ransomware families in 2019 has undoubtedly been the Dharma Ransomware family. The most recent data-locking Trojan, which belongs to this infamous ransomware family, is the SySS Ransomware. There has not yet been a free decryption tool released, which means that the victims of the SySS Ransomware are left with their hands tied for the moment. Propagation and Encryption If you browse low-quality websites, there is a higher chance that you may become a victim of ransomware. Threats like the SySS Ransomware are often distributed via fake application updates, pirated variants of popular software tools and torrent trackers. The most popular propagation method when it comes to ransomware, however, is probably spam email campaigns. Cyber crooks would tailor a...

Posted on November 18, 2019 in Ransomware

'Microsoft-2019-windows.com' Pop-Ups

One of the most popular tactics online is the technical support tactic. These dirty tricks have been around for about twenty years, and it cannot be estimated how many users have fallen victim to this enticement. Usually, fraudsters would build a website that appears to be legitimate in an attempt to trick the user into trusting them. These fake Web pages would often claim that the user's system has been compromised or has some technical issues. Oftentimes, the con artists would also claim that the supposed problem needs to be taken care of urgently, or the user's system may suffer permanent damage. Of course, this is one of their social engineering tricks whose goal is to intimidate and time-pressure the user into doing what the scammers have in mind. Claims that Your Computer has been Infected The 'Microsoft-2019-windows.com' site's...

Posted on November 18, 2019 in Adware

Sphinx Ransomware

Malware researchers have uncovered a new data-encrypting Trojan in search of new victims. This new threat was dubbed the Sphinx Ransomware. It does not appear that the Sphinx Ransomware belongs to any of the popular ransomware families. Propagation and Encryption The infection methods utilized in the spreading of this nasty Trojan are not yet known. Researchers believe that the creators of the Sphinx Ransomware may be using mass spam email campaigns to propagate this threat. This would mean that targeted users will receive an email containing a fraudulent message and an attached file. The message’s goal is to convince the user that it is safe to launch the attachment. However, the attachment is usually a macro-laced document, and opening it will allow the Sphinx Ransomware to execute its corrupted script. Of course, there are other...

Posted on November 15, 2019 in Ransomware

LimeRevenge RAT

Remote Access Trojans (which are often referred to as RATs for short) are a very popular malware type. Nearly anyone can get their hands on a RAT even if they do not have the capabilities to build one themselves. This threat is readily available for purchase or rent on underground hacking forums. One can even opt to use a free RAT even though these are likely to be of lower quality compared to the paid ones. The more high-end RATs are better at remaining under the radar of their victim and any potential anti-virus applications. This allows their operators to have access to the compromised host for long periods and cause more damage. A RAT which is popular with both less experienced cybercriminals and highly skilled cyber crooks is the RevengeRAT. Cybersecurity experts have stumbled upon a new and upgraded variant of the classic...

Posted on November 15, 2019 in Remote Administration Tools

CredRaptor

Despite staying on the down-low for a while, the Telebots hacking group appears to have reemerged from the shadows. This hacking group has gone down in history with the first-ever blackout caused by a hacking tool. They are known for developing very complex, high-end malware. Unlike some hacking groups that tread carefully and do not aim to cause damage to the compromised hosts, the Telebots group takes a different approach. They have very little regard for their targets’ systems and data, and some of their threats are known to cause permanent, irreversible damage to their victims. Telebots Group’s Hacking Arsenal Among its more well-known hacking tools are: BlackEnergy – A tool that was used in various operations targeting the energy sector in Ukraine. Industroyer – The malware, which made history, also targeted the Ukrainian...

Posted on November 15, 2019 in Backdoors