Top Security News

Beware of Michael Jackson One Year Death Anniversary Spam Email

To celebrate the life and legacy of one of the greatest entertainers of our time, fans around the world will once again be searching for their favorite Michael Jackson song and paying tribute to the King of Pop as we approach his one-year death anniversary. After the death of Michael Jackson on...

Warning: Menacing BlackHole Exploit Kit Targeting Windows PCs Now Available to Hackers for Free

Christmas has come early for novice hackers and criminals looking to get their share of the scam operatives flooding the Internet after someone publicly set free not one but two dangerous malware tools in just under 30 days. Once available as a password-protected archive, the Zeus malware kit and...

Hackers Attack Citibank Pilfering over 200,000 Credit Card Customers' Personal Data

While more news on Rep. Anthony Weiner's (D-N.Y.) online sex scandal continues to appear, another hacking incident has occurred: this time, hackers broke into Citibank's computers, stealing account numbers, names and contact information. Citibank, one of the four biggest banks in the USA, discovered a data...

Top Articles

GandCrab Ransomware

GandCrab ransomware is a malware threat that encrypts data on affected computers and demands the payment of a ransom in exchange for a decryption tool. That cryptovirus appeared for the first time at the end of January this year, and since then researchers have identified several different versions of GandCrab, among them GDCB, GandCrab v2, GandCrab v3, GandCrab v4, and GandCrab v5. The latest version was identified just about a month ago in September 2018. The features and encryption mechanisms of this ransomware have evolved since its first appearance: while the initial three versions used the RSA and AES encryption algorithms to lock up data on the infected device, version 4 and above employ additional and more sophisticated ciphers like Salsa20. Malware researchers believe that this is done mostly for speed reasons as the Salsa20...

Posted on January 29, 2018 in Ransomware

RobinHood Ransomware

The RobinHood Ransomware (RobbinHood Ransomware or RobbinHood File Extension Ransomware) is a ransomware Trojan that is used to harass computer users under the pretext of raising awareness and funds for the people of Yemen. In fact, there is no evidence to support the theory that the creators of the RobinHood Ransomware have altruistic motives. It is likelier that the con artists are using the RobinHood Ransomware to profit in the same way that the creators of most encryption ransomware Trojans act today. However, the ransom demand in the case of the RobinHood Ransomware is extremely elevated, making it very unlikely that any individual PC users will pay the RobinHood Ransomware ransom in case of an attack. Take preventive measures against ransomware Trojans like the RobinHood Ransomware, which are becoming increasingly common. Yemen...

Posted on August 4, 2017 in Ransomware

WannaCryptor or WanaCrypt0r Ransomware

The WanaCrypt0r Ransomware is an encryption Trojan that features a worm-like attack tactic. The WanaCrypt0r Ransomware is recognized as one of the most threatening and widespread encryption Trojans up until May 12th, 2017. The WanaCrypt0r Ransomware managed to compromise hundreds of thousands of systems across one hundred and forty countries on its first release to the real world. The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. The Trojan managed to block access to most of the computers connected to the National Healthcare System, and nearly 70% of the cases that involve the WanaCrypt0r Ransomware are recorded in Russia....

Posted on March 29, 2017 in Ransomware

More Articles

DMR Ransomware

Despite the best efforts of anti-virus vendors, the success of ransomware continues to grow with each passing month. 2019 has been marked by harmful attacks of major ransomware families like the STOP and the Dharma, but there are also numerous smaller projects that should not be underestimated. One of those is the DMR Ransomware, a file-encryption Trojan that was spotted for the first time in December. This project is unlikely to be related to any of the previously known ransomware families, and, unfortunately, it also seems to use a flawless file-encryption algorithm that is impossible to crack or decipher. This means that once the DMR Ransomware encrypts a file, its recovery might not be possible unless the ransomware's operators release the unique decryption key used during the attack. Of course, the operators of the DMR Ransomware...

Posted on December 13, 2019 in Ransomware

Montserrat Ransomware

Ransomware continues to rise in popularity among cybercriminals, and the number of users who have fallen victim to ransomware attacks continues to increase. Regardless of these facts, many users are still reluctant to take the necessary measures to protect their computers and their files from file-lockers. This is one of the reasons why new threats like the Montserrat Ransomware continue to appear despite the efforts of anti-virus product vendors. The Montserrat Ransomware is a project that is likely to have been written from scratch since it does not share major code similarities with other file-lockers. Its authors appear to be using various tricks to get users to run the corrupted binary on their computers – often, the Montserrat Ransomware might be disguised as a harmless email attachment, game crack, pirated movie, or another...

Posted on December 13, 2019 in Ransomware

VeePN

VPN services are becoming increasingly popular nowadays because they can provide users with a sense of privacy and anonymity that is not typical for the modern-day Internet. If you are looking for a VPN service to use, then you might have already noticed that there are thousands of companies and software suites to choose from. While we cannot help you make the right choice, we can tell you that there is a certain piece of VPN software that you are likely to be better off ignoring – VeePN. VeePN is classified as a Potentially Unwanted Program (PUP) by multiple PC security products. It is important to note that PUPs are not unsafe applications, but they may sometimes exhibit undesired behavior and annoying side effects. VeePN is available as either a stand-alone application or an extension for popular Web browsers like Google Chrome....

Posted on December 13, 2019 in Potentially Unwanted Programs

Awesome Sports Search

If you are a sports follower, then the installation of the Awesome Sports Search browser extension may seem like a great idea – this utility offers to provide its users with access to up-to-date news, updates, results, schedules, and other information from the world of sports. Although everything may seem great at first glance, you should know that the Awesome Sports Search extension is in the category of Potentially Unwanted Program (PUP). Programs that fit in this classification do not exhibit harmful behavior, but they may sometimes bring unexpected changes to your computer's configuration or exhibit other undesired behavior. In the case of the Awesome Sports Search, users who install it may notice that their Web browser's default new tab page and homepage may be replaced by a search engine affiliated with the Awesome Sports Search....

Posted on December 13, 2019 in Potentially Unwanted Programs

Krampus-3PC

The Krampus-3PC is a threat that targets Apple mobile devices exclusively. The authors of the Krampus-3PC malware have made sure that their threat runs several checks to determine whether the device was made by Apple or not. All users who were not operating an Apple device were spared. Another interesting trait of the Krampus-3PC malware is that it operates online entirely. This allows the threat to carry out its campaigns very silently, as no traces of unsafe activity would be left on the affected device.

Propagation Method

The Krampus-3PC threat appears to be distributed with the help of malvertising campaigns. Oddly enough, instead of using shady promotional networks to carry out this operation, the creators of the Krampus-3PC have taken advantage of legitimate advertising companies. The attackers have used a rather cunning technique...

Posted on December 12, 2019 in Malware

Guerilla

Nowadays, with the ever-growing number of smartphones globally, there are malware types targeting mobile devices. Among them is a threat that is often referred to as click fraud. Usually, click fraud involves a shady administrator of a website with advertisements paying low-wage workers or using bots to click on the advertisements present on their site to generate more revenue from the parties advertising on their platform. However, click fraud also can take other forms, such as boosting the stats of mobile applications. This is the case of the Guerilla threat - an Android Trojan whose goal is to hijack mobile devices and use them to pump the statistics of various applications hosted on the Google Play Store artificially.

Propagation Method

The creators of the Guerilla Trojan had been distributing this threat via bogus applications...

Posted on December 12, 2019 in Malware

SearchAdditionally

A growing number of cyber crooks are taking an interest in developing malware targeting systems running the OSX. However, there also are other shady individuals that target Mac users. Unlike full-blown cybercriminals, these dubious actors do not take part in creating malware, but instead, they release low-quality applications and extensions that exaggerate their capabilities and mislead users purposefully. An effective example of this would be the SearchAdditionally application. This application is compatible with devices running the OSX only.

Pushes Shady Advertisements and Collects Browsing Data

The authors of the SearchAdditionally application claim that their creation will enhance the user’s search results greatly by delivering more relevant results. However, this is not the case, certainly. Users who download and install the...

Posted on December 12, 2019 in Adware

'CRITICAL_PROCESS_DIED' Pop-Ups

Online schemes have existed since the dawn of the Internet. Among the countless tricks used by online conmen are fake technical support tactics. Often, these tactics would involve a bogus website that has been designed to display fraudulent alerts as soon as a user visits it. These alerts tend to claim that the user’s system has been compromised with a threat or a system error has occurred. This is a social engineering trick designed to pressure users into taking actions that they normally would not take. One of these tactics presents users with a ‘Stop code: CRITICAL_PROCESS_DIED’ message. Next, the user is advised to get in touch with ‘Microsoft Support’ immediately to solve the problem. However, the intimidating alert is not legitimate, and the phone number that the user is provided with is in no way affiliated with the Microsoft...

Posted on December 12, 2019 in Adware

Hoardy

The Hoardy backdoor Trojan is a threat that has been employed in several attacks targeting high-profile individuals. This Trojan is the creation of a hacking group called the Flea group, and its most infamous campaign took place right before the G20 summit in 2014 and targeted high-ranking politicians. The Hoardy backdoor Trojan has since been utilized in several other shady operations. Usually, hacking campaigns that employ the Hoardy backdoor do not last very long, which has led experts to believe that the goal of the attackers is likely to grab as much information as they can quickly and cease the operation to remain under the radar of the victim.

Propagation Method

To propagate the Hoardy backdoor Trojan, the Flea hacking group is using phishing emails that they have tailored to look as legitimate as possible. The target would...

Posted on December 11, 2019 in Backdoors

Khalesi

Infostealers are among the favorite hacking tools of cybercriminals around the world. This is because this malware type is usually very small in terms of size, which allows it to carry out silent operations that can potentially be highly successful. Infostealers may allow their operators to collect information from messaging applications, email clients, Web pages, etc. Normally, infostealers connect to their creators’ C&C (Command & Control) server and siphon all the collected data straight to the attackers. The Khalesi malware belongs to the infostealer class, and it appears to be active in the wild.

Propagation And Persistence

The Khalesi infostealer is likely being propagated via several means of distribution such as malvertising campaigns, bogus application downloads, mass spam email campaigns, pirated media, and software, etc....

Posted on December 11, 2019 in Malware

TheEasyWayPro

There are numerous Web browser extensions that claim to perform all sorts of useful tasks, but a significant number of them are not at all what they claim to be. TheEasyWayPro is an excellent example of this. This Web browser extension states that it will provide users with helpful directions and handy maps. The developers of this extension are likely targeting users who go hiking frequently or enjoy traveling often. However, the TheEasyWayPro extension is not offering anything unique to its users. Instead, this extension utilizes already existing free services such as Google Maps. This means that there’s no need to install the TheEasyWayPro to use the services that it offers as they are already free and available publicly.

Alters Users’ Default Search Engine

Users who choose to add the TheEasyWayPro to their Web browser may experience...

Posted on December 11, 2019 in Potentially Unwanted Programs

Startrafficc.com

The Startrafficc.com site is a dodgy Web page that uses shady tactics to trick users into executing actions that they would not otherwise perform. In other words, the administrators of the Startrafficc.com utilize various social engineering tricks to achieve their goals. Sometimes, administrators of shady websites use their platform to propagate threatening malware that has the potential to harm users’ systems seriously. However, the operators of the Startrafficc.com site do not take this outright unsafe strategy. Instead, they use their website to spam users with unwanted advertisements.

Social Engineering Tricks

The operators of the Startrafficc.com page claim that users need to click on the ‘Allow’ button that they are presented with if they want to see the content hosted on their websites. If the users fall for this and click on the...

Posted on December 11, 2019 in Browser Hijackers

Code Red Worm

Code Red (CodeRed) is a computer worm that affected MS IIS web servers back in the early 2000s. At the peak of its popularity, it affected nearly half a million host systems. Code Red uses a simple but effective vulnerability of older IIS web servers. The worm causes a buffer overflow by using a particularly long string of symbols, the letter N in this case, to overflow the software buffer. This, in turn, allows the malware to execute the arbitrary code it needs and spread further, while defacing the host in the process. Servers that were infected by the Code Red worm had their pages replaced with the following text: HELLO! Welcome to http://www dot worm dot com! Hacked By Chinese! The worm was also set up in a way which allowed it to perform different tasks depending on the day of the month, obtained from the victim's system clock. On...

Posted on December 11, 2019 in Worms

Misleading:Win32/Lodi!MSR

The Windows Defender Antivirus uses the Misleading:Win32/Lodi!MSR detection name to signal a potential threat that may be present on the user's system. It is of key importance that the detection of the threat is not based upon a key piece of software or file per se but instead applies heuristic methods to identify potentially unsafe activity. Every legitimate anti-malware application utilizes such techniques when looking for and identifying potential malware that may be present on the user's computer. However, even if the said anti-virus tool presents you with the Misleading:Win32/Lodi!MSR detection alert, that does not necessarily mean that there is an unsafe activity taking place on your system. Sometimes, harmless files downloaded from trustworthy sources may trigger a false positive and spawn the Misleading:Win32/Lodi!MSR alert....

Posted on December 10, 2019 in Misleading Programs

AppleJeus

Cyber crooks take an increasing interest in creating threats targeting devices running OSX. One of the newest threats of this type that cybersecurity experts have spotted is called AppleJeus. The AppleJeus threat is a Trojan backdoor with several intriguing features. The authors of the AppleJeus Trojan are propagating it using bogus digital asset currency exchanges. Any user that would like to use the service is urged to download a digital asset trading platform. However, as soon as the users download and install the file, the AppleJeus Trojan backdoor will be planted on their systems silently. Apart from the variant of this threat that targets Mac computers, the authors also have developed a copy that goes after Windows systems too. The Windows variant of this threat does not possess any qualities that are too impressive, but...

Posted on December 10, 2019 in Backdoors