Top Security News

Beware: Cybercriminals Leveraging Coronavirus to Exploit Computer Users and Spread Malware

It hasn't taken a lot of time for threat actors to realize the social engineering opportunity that the novel coronavirus (2019-nCoV) has presented them. The respiratory infection that originated in...

Infections Abound as Computer Malware Exploiting COVID-19 Coronavirus Spreads Rapidly Adding to Worldwide Hysteria

There's no doubt that the Coronavirus has created a worldwide hysteria and pandemic from having a negative impact on many economies to pressing government officials to hold conferences addressing...

Hackers Exploiting Coronavirus Fears To Push Malware

As the Covid-19 pandemic goes into full swing, we see increasing numbers of hackers and nation-state actors trying to exploit the global fears for their own gains, spreading malicious software...

Top Articles

WebDiscover Browser

WebDiscover Browser is an adware threat developed by a Canada-based company named WebDiscover Media. Once installed on a PC, the malicious app makes a series of unwanted changes to all browsers installed on the computer, leading to a deteriorating online surfing experience. WebDiscover replaces the default home pages and search engines of affected Internet browsers with its own WebDiscover Homepage and WebDiscover Search, respectively. Furthermore, the malicious app modifies the “new tab” settings so that the corrupted browsers launch the malware's own search portal page when the user opens a new tab. Chrome users may not even recognize WebDiscover as an unwanted program and think they...

Posted on July 3, 2015 in Browser Hijackers

CoronaVirus Ransomware

The CoronaVirus Ransomware (also called CoronaVi2022 Ransomware) is a file-locker, which was released in the wild recently, and it seems that its author has opted to use the name of the Coronavirus (also known as COVID-19), which is a disease that is threatening users worldwide. Just like the disease it is named after, the CoronaVirus Ransomware also threatens users worldwide, but in a different way – it will try to encrypt their files, and also overwrite the contents of their drive's Master Boot Record (MBR). The latter operation may cause a lot of trouble, since the victims' computers will not load their operating system and, instead, they will display a copy of the CoronaVirus...

Posted on March 12, 2020 in Ransomware

Hackers Spreading Malware via Coronavirus Maps Online

The ongoing outbreak of the coronavirus is now disrupting business across the world, but apparently cybercriminals have no days off, since they're just as active as they were before the beginning of the outbreak. It appears they are now capitalizing on the fears of the people regarding the pandemic. It was back in January that the hackers started using the coronavirus threat as a focus of an email campaign that infected users with malware, and now they are expanding their operations to coronavirus outbreak maps that follow the number of infections and deaths across the world. Many organizations are feeling the pressure from these attacks, such as Johns Hopkins University who created...

Posted on March 11, 2020 in Computer Security

APT Attack Spreads Malware Using Coronavirus Theme

An APT (Advanced Persistent Threat) group was spotted sending out spear-phishing emails that allegedly have detailed information about COVID-19, a.k.a. Coronavirus, but instead, they infect the victims with a custom remote access Trojan (RAT). The group is using the coronavirus pandemic to infect unsuspecting victims with a previously unseen malware. The malware is dubbed 'Vicious Panda' by researchers, with the attackers using it in a campaign at the moment. Researchers managed to find two Rich Text Format (RTF) files that were targeting the Mongolian public sector during the outbreak. Once the files are opened, a unique and custom-made remote access Trojan is executed. It develops a list...

Posted on March 16, 2020 in Computer Security

Top 5 Popular Cybercrimes: How You Can Easily Prevent Them

Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles: the days of robbing banks in person are gone, and now it all takes place behind the screen of a computer connected to the Internet. The Internet can be the most useful tool in business, school or everyday life. At the same time, the Internet can make someone's life a living hell in the event that one becomes the next victim of a cybercrime. A large percentage of the world's population that uses computers over the Internet is aware of cybercrime and the consequences that they may face if they succumb to a cybercriminal's trap. Others who have no clue as to the dangers they...

Posted on October 12, 2010 in Computer Security

$1000 Walmart Gift Card Winner Fake Pop-up

Do Not Be Fooled by the '$1000 Walmart Gift Card Winner' Fake Pop-Up

The '$1000 Walmart Gift Card Winner' fake pop-up is a pop-up window that is part of a common online scam. Criminals take advantage of inexperienced computer users by displaying misleading advertisements and pop-up windows in an attempt to lead them to attack websites or to convince them to disclose their online account or credit card information. The '$1000 Walmart Gift Card Winner' fake pop-up works by displaying a window with the Walmart logo and colors, claiming that the computer user has won a $1000 USD gift card for Walmart. However, clicking on this window leads the victim to an attack website which will attempt to...

Posted on January 24, 2012 in Fake Error Messages

AntiMalware

A typical deceptive campaign is disguising harmful threats as legitimate security programs in order to steal money from inexperienced victims. AntiMalware is a particularly short-named version of this campaign, with clones with names such as Active Security and Total Security. AntiMalware uses an interface that is very similar to the Windows Defender and legitimate Microsoft security programs, to make the victim believe that AntiMalware is a legitimate anti-malware application. Observing AntiMalware's design, you will quickly spot authentic-looking Windows and Microsoft Security Essentials logos as well as a layout that may seem familiar to most users of legitimate Microsoft Security...

Posted on November 9, 2009 in Rogue Anti-Spyware Program

Beware of Fake Walt Disney World Facebook Pages Offering Chances to Win a Free Vacation

Astonishingly, it is nothing new to discover that cybercrooks have set up some fake page using a legitimate and well-known entity to trick computer users into getting something that seems too good to be true. In the latest scheme of things, cybercrooks have created several fake Walt Disney World pages on Facebook that attempt to offer chances for winning tickets if they share and like some of the posts. Facebook is a playground for cybercriminals and it does not take much effort on a criminal's part to set up a fake page offering enticing deals for computer users, which in reality spread an aggressive scam. One of the current scams involves fake Walt Disney World pages that claim to give you and 50 other people a chance to win an all-paid-for Florida Disney World vacation. The deal does sound rather interesting and could very well be...

Posted on March 20, 2014 in Computer Security

'National Consumer Center' Pop-Ups

The 'National Consumer Center' pop-ups are connected to known online tactics. According to complaints, the 'National Consumer Center' pop-ups may claim that the computer user has won a free iPhone or some other similar costly prize. The 'National Consumer Center' pop-ups may include the legend 'National Consumer Center' in the upper left corner, with an official looking font, and advertisements on the right. These pop-ups are among the most common online tactics and may be used to intrude on the computer user's privacy. The 'National Consumer Center' pop-ups may be caused by adware components installed on the affected Web browser. However, the 'National Consumer Center' pop-ups also may...

Posted on April 28, 2016 in Browser Hijackers

More Articles

GuLoader

The GuLoader threat is an interesting mix of a loader, which can inject various threats on the compromised host and a regular Trojan downloader. This sophisticated tool appears to be utilized by various cybercriminals and hacking groups. According to reports, the GuLoader threat has been used to plant cryptocurrency miners, RATs (Remote Access Trojans), backdoor Trojans and other threatening malware. In the most recent campaigns, the GuLoader malware was used to inject the Parallax RAT and the Remcos RAT in the compromised hosts. The infection vector most commonly used for the spreading of the GuLoader malware is phishing emails. Usually, the targeted user would receive an email that appears to originate from a legitimate source. These fake emails often contain an attached file that is designed to look important – CV, invoice,...

Posted on April 3, 2020 in Ransomware

Mandrake

There is a new high-end campaign targeting Android users located in Australia with a tool called Mandrake. Of course, the cyber crooks behind the Mandrake hacking tool may choose to change their focus and target users from a different location in future campaigns. The Mandrake malware first emerged in 2016. Ever since malware analysts spotted the Mandrake threat, its creators have been introducing regular updates. The creators of the Mandrake threat have added new features, optimized old ones, removed unnecessary modules, and overall improved the hacking tool to ensure it remains very potent. The Mandrake malware can be distributed to thousands upon thousands of users easily. However, its operators are not taking the mass-spam approach. Instead, they appear to pick their targets carefully. There are only about 500 copies active...

Posted on April 3, 2020 in Spyware

WANNACASH NCOV Ransomware

The WANNACASH NCOV Ransomware is a brand-new data-locking Trojan that was spotted by malware researchers. Like many other cybercriminals, the creators of the WANNACASH NCOV Ransomware have opted to exploit the Coronavirus outbreak that is sweeping the world to generate some cash for themselves. We have seen a massive increase in fraudulent websites, online tactics, and various malware since the COVID-19 pandemic started making headlines worldwide. Countless cyber crooks are using this crisis to benefit, and the creators of the WANNACASH NCOV Ransomware are a great example.

Propagation and Encryption

The WANNACASH NCOV Ransomware is likely being spread with the help of bogus emails that contain corrupted attachments. This is a trick utilized by many authors of ransomware threats. Another commonly utilized technique is software...

Posted on April 3, 2020 in Ransomware

Jest Ransomware

Malware analysts have spotted a new data-encrypting Trojan targeting users online. This new Trojan has been dubbed the Jest Ransomware. Ransomware is very popular in the world of cybercrime since even less-experienced cyber crooks can create and distribute them with the help of ransomware building kits and similar tools.

Propagation and Encryption

Authors of ransomware threats like the Jest Ransomware use various techniques to distribute their creations. Some of the most popular ones include malvertising operations, pirated applications, torrent trackers, bogus software downloads and updates, mass spam email campaigns, etc. Some cyber crooks may even opt to use a combination of distribution methods to propagate these threatening file-encrypting Trojans. To harm the infected host as much as it can, the Jest Ransomware is likely capable...

Posted on April 3, 2020 in Ransomware

AresLookup

The AresLookup utility is a tool designed to target Mac computers. At first glance, this application may seem like a tool that would help enhance one's search results. However, this is most certainly not the case, as malware researchers have classified the AresLookup utility as adware. Many adware programs compromise users' systems by masking themselves as an application update that needs to be applied or an application download. In the case of the AresLookup adware program, the user is presented with a window titled 'Flash Player Installer' that urges them to install the application. Some adware utilities are bundled up with useful free applications. If the users try to install the application they were interested in and fail to pay attention during the installation process initially, they are likely to agree to install adware...

Posted on April 3, 2020 in Mac Malware

Ada Covid Ransomware

Many cybercriminals are attempting to use the COVID-19 pandemic plaguing the globe to generate revenue. The creators of the Ada Covid Ransomware are no exception. Recently, malware researchers have noticed a great increase in the number of online cons, nasty malware threats, and other fraudulent schemes that try to use the Coronavirus outbreak to trick users.

Propagation and Encryption

The infection vector used in the propagation of the Ada Covid Ransomware has not been disclosed. It is likely that the perpetrators are using a combination of distribution methods that include malvertising, torrent trackers, dodgy activation tools, bogus application downloads and updates, spam emails containing corrupted macro-laced attachments, etc. Once the Ada Covid Ransomware manages to infiltrate your computer, it will begin its encryption...

Posted on April 3, 2020 in Ransomware

Pushishere.com

There are countless fake websites online that do not host any meaningful content but claim to do so to trick users into launching them. Among them is the Pushishere.com page. If you try to open the Pushishere.com website, you will see a prompt asking you to click on the 'Allow' button immediately. The site claims that users who do not comply will not get to access the page and view its content. This is known as the 'Please Click Allow to Continue' online con. If you comply with the fake website's instructions, you will grant it permission to send you push-notifications. This can prove to be very irritating quickly, as the Pushishere.com site will abuse the privilege and flood you with countless advertisements. Furthermore, the advertisements promoted by the Pushishere.com page may be pushing unsafe products and overpriced services on...

Posted on April 3, 2020 in Browser Hijackers, Mac Malware

Overiesarticu.info

There are numerous websites that partake in an online tactic known as 'Please Click Allow to Continue.' These are usually empty pages that pretend to host engaging content to trick users into launching them. A great example is the Overiesarticu.info website. The Overiesarticu.info site may claim to host interesting articles or exciting videos, but rest assured that this is not the case. There is no interesting content hosted on this fake site as its only goal is to hijack your Web browser notifications. As soon as you open the Overiesarticu.info website, you will see a prompt that urges you to click 'Allow,' or you will not be granted access to the site's content. However, if you do as the website asks you to, you will allow it to send you push-notifications via your Web browser. The Overiesarticu.info page will use this permission to spam...

Posted on April 3, 2020 in Browser Hijackers, Mac Malware

Uitabletublis.info

The Uitabletublis.info page is one of the countless bogus websites online that mislead users into visiting them by promising exciting and unique content. Unfortunately, the Uitabletublis.info website does not host any engaging or useful content, so you are better off avoiding it altogether. Users who attempt to open the dodgy website and view its contents will be greeted by a prompt requesting that they click on the 'Allow' button. Many genuine Web pages ask users to allow notifications, so this may not seem like a big deal. However, instead of using this privilege mindfully, the Uitabletublis.info website will make sure to abuse it by bombarding users with push-notifications via their Web browser. It is advisable to avoid assessing any of the advertisements affiliated with the Uitabletublis.info site. This is because dodgy Web pages...

Posted on April 3, 2020 in Browser Hijackers, Mac Malware

COVID-19 Themed Malware Now Aiming to Wipe Data Off PCs

With the Coronavirus (COVID-19) pandemic sweeping the globe, malware authors and threat actors have been working on schemes that take advantage of the fears of the populace. Malware that wipes PCs and destroys systems isn't something new, either wiping files or rewriting the Master Boot Record (MBR). Security researchers found new malware strains carrying the coronavirus theme and aimed at destruction, rather than the usual modus operandi of financial gain.

MBR Rewriting Malware

Of the malware samples picked up by various security researchers in March 2020, the most advanced were two samples aimed at rewriting MBR sectors. That malware was created so that systems won't boot...

Posted on April 3, 2020 in Computer Security

EngineOrder

EngineOrder is adware designed to target Mac computers. It is common that adware utilities misrepresent themselves as useful tools that will enhance the user’s browsing quality. This may be the case with the EngineOrder tool, as it may claim to help users get more relevant results to their Web searches. Adware often sneaks into users’ Macs via freeware bundles. If the users try to install an application that comes in a bundle with other software, they might not pay close attention during the installation process. This is how countless users end up installing adware on their systems unknowingly. The EngineOrder adware program may trick users into installing it by mimicking a Flash Player update. If you install the EngineOrder application on your Mac, you will experience an increase in the number of advertisements spawned when you browse...

Posted on April 2, 2020 in Adware

'COVID-19.exe' Wiper

A burgeoning number of cyber crooks are taking advantage of the COVID-19 pandemic by creating malware and various online tactics. It is not surprising that individuals who lack morality are trying to exploit a worldwide crisis of the proportions of the Coronavirus outbreak to make a buck. Many cyber crooks have created Coronavirus-based ransomware threats that encrypt users’ data and blackmail them for cash. Others have used the pandemic to propagate infostealers that are capable of collecting information from the compromised hosts. However, the creators of the ‘COVID-19.exe’ threat have taken a different approach. The ‘COVID-19.exe’ malware is a wiper program that has the potential to cause a lot of harm to the hosts it manages to compromise. The malware experts who spotted the ‘COVID-19.exe’ wiper report that this threat is yet to be...

Posted on April 2, 2020 in Malware

Vollgar

The servers of the MS-SQL (Microsoft SQL) service are once again targeted by cybercriminals. In this new campaign, the attackers are deploying a threat dubbed Vollgar. However, the attack is not very elegant. Instead of looking for potential vulnerabilities in outdated software, the attackers are scanning for any MS-SQL servers that may be accessible via the Internet. If the scanning returns a positive result, the Vollgar threat will attempt to use brute force to get the login credentials needed. Unless the administrator of the targeted server has used a strong password, the attackers may be able to hijack their MS-SQL server via brute force. Once the Vollgar threat manages to compromise the targeted MS-SQL server, it will install a Trojan backdoor on the system. This would enable the attackers to execute remote commands on the...

Posted on April 2, 2020 in Backdoors

Sekhmet Ransomware

Cybersecurity researchers have uncovered a new ransomware threat called the Sekhmet Ransomware. Many cybercriminals opt to distribute ransomware threats like the Sekhmet Ransomware because they are perceived as an easy way to make a buck.

Propagation and Encryption

The Sekhmet Ransomware may be propagated with the help of spam emails. Authors of ransomware threats often use fake emails to spread their threatening creations. They would send the user an email that contains a bogus attached file, and a fraudulent message that would try to convince the user to open the attachment. What may appear as a harmless document can be a corrupted macro-laced file, so users need to be very careful when they receive an email from an unknown source. Some other commonly used propagation methods include fake application downloads and updates, torrent...

Posted on April 2, 2020 in Ransomware

MultiUpgrade

The MultiUpgrade application may present itself as a tool that will be very helpful to Mac users. However, the MultiUpgrade utility is listed as adware by cybersecurity analysts. It is likely that the MultiUpgrade adware program ends up installed on users’ Macs via a fake application update. It would appear that the MultiUpgrade tool is propagated via a bogus Flash Player update that urges users to download it. However, instead of applying an update to the Flash Player utility, you will end up installing adware on your Mac. The MultiUpgrade tool would make sure to place a large number of advertisements on every website you visit. This means that you will be viewing flashing banners, annoying alerts, various pop-up windows, hyperlinks in text, and other advertisements every time you try to browse the Web. If you have installed adware on...

Posted on April 2, 2020 in Mac Malware