Top Security News

Top 5 Popular Cybercrimes: How You Can Easily Prevent Them Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles, the days of robbing banks in...
Fake Windows Support Calls Seek to Scam and Infect Computer Users with Malware Fake phone calls from crooks on the other end claiming to be a support team from a well-known entity is an increasing pandemic, which has claimed an alarming rate of victims in the recent weeks. There have been a large number of phone calls received by computer users in various countries from...
Spam Alert: Phishing Email Scam Titled 'Bank of America Alert: Account Suspended' We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...

Top Articles

LockerGoga Ransomware

LockerGoga Ransomware screenshot

While security researchers have expected ransomware attacks to slow down in 2019, recent ransomware outbreaks remind us that we must remain ever vigilant. One such outbreak that made headlines involved a ransomware known as LockerGoga. The ransomware targeted Norwegian manufacturing company Norsk Hydro, one of the world's top aluminum producers, forcing it to halt operations in multiple factories. This severely hindered the company's production and caused its stocks to fall by 0.8 percent. It is also suspected that a variant of LockerGoga was used to target French engineering company Altran Technologies earlier in January. Ransomware is a type of malware that encrypts the files of a...

Posted on March 31, 2019 in Ransomware

'National Consumer Center' Pop-Ups

'National Consumer Center' Pop-Ups screenshot

The 'National Consumer Center' pop-ups are connected to known online tactics. According to complaints, the 'National Consumer Center' pop-ups may claim that the computer user has won a free iPhone or some other similar costly prize. The 'National Consumer Center' pop-ups may include the legend 'National Consumer Center' in the upper left corner, with an official looking font, and advertisements on the right. These pop-ups are among the most common online tactics and may be used to intrude on the computer user's privacy. The 'National Consumer Center' pop-ups may be caused by adware components installed on the affected Web browser. However, the 'National Consumer Center' pop-ups also may...

Posted on April 28, 2016 in Browser Hijackers

Movies123 Ads

Movies123 Ads screenshot

People who do not like paying for legal streaming services often end up either looking to download the media they are after illicitly or searching for Web pages that offer to stream pirated content for free. However, as it is said, there is no free lunch. Websites that host pirated media tend to work with a whole network of other dodgy actors. Mainly dubious advertisers who will try to sell you all sorts of shady products and subscriptions. A common trick used by dodgy websites like the Movies123 page is to try and trick the user into giving them permission to display browser notifications. Many legitimate websites ask for permission to send browser notifications, but their goal is to...

Posted on September 13, 2019 in Adware

More Articles

Nosu Ransomware

Ransomware threats are one of the worst malware types a regular user can stumble upon. Threats of this class make sure to sneak into their target's system, locate the data of interest, and lock it securely using an encryption algorithm. The goal is to blackmail the users into paying a ransom fee in exchange for a decryption key that will help them recover their data. Among the most recent ransomware threats uncovered is the Nosu Ransomware. This data-encrypting Trojan belongs to the most active ransomware family of 2019 – the STOP Ransomware family. Propagation and Encryption It has not yet been uncovered how the attackers are propagating this ransomware threat. A majority of cyber crooks who distribute file-locking Trojans opt to rely on spam emails. This entails a fake message and a corrupted attachment being sent to the targeted...

Posted on January 21, 2020 in Ransomware

TRSomware Ransomware

The TRSomware Ransomware is one of the newest file-locking Trojans spotted by malware analysts. This threat does not appear to be a variant of an already existing ransomware threat, and thus it is likely that the authors of the TRSomware Ransomware may have created it from scratch. Propagation and Encryption It is likely that the creators of the TRSomware Ransomware are relying on malvertising campaigns, torrent trackers, fake application updates and downloads, bogus pirated variants of popular media or software, or, the most common method, spam emails. The latter technique is popular particularly and consists of an email containing a fraudulent message and a corrupted attachment. Once opened, the attached file would allow the ransomware threat to infiltrate the system of the user. The TRSomware Ransomware is likely targeting a very...

Posted on January 21, 2020 in Ransomware

Devos Ransomware

Cybersecurity experts spot new ransomware threats daily, as this is one of the most popular malware types online. Ransomware threats are often regarded as an easy way to make a quick buck with minimum fear of any negative repercussions. Furthermore, the entry barrier is rather low as even inexperienced cyber crooks can create a data-locking Trojan with the help of a ransomware building kit. One of the newest uncovered threats of this class is the Devos Ransomware. The authors of the Devos Ransomware have based their creation on the infamous Phobos Ransomware. Propagation and Encryption Spam email campaigns are the most commonly used propagation methods regarding ransomware threats. Normally, the targeted users would receive an email that consists of a bogus message that attempts to convince them to execute the attached file. The email...

Posted on January 21, 2020 in Ransomware

Centerplaceofupgrade.pro

The Centerplaceofupgrade.pro site is one of the countless fake Web pages that do not provide any value to their visitors despite claiming to do so. It seems that the creators of the Centerplaceofupgrade.pro page are targeting Mac users mainly because the website claims to provide the user with an update for the Adobe Flash Player for OSX. It is likely that this fake website also is targeting users running the Windows OS as it may claim to offer Windows users an update for their Adobe Flash Player. However, both of these claims are fraudulent. Shady actors online often tend to push PUPs (Potentially Unwanted Programs) and even malware using this old trick. Do not Apply Updates from Third-Party Sites Malware researchers advise users strongly to avoid downloading software or applying updates to their applications via third-party sites as...

Posted on January 21, 2020 in Browser Helper Object

Kodc Ransomware

The most active ransomware family of 2019 continues to plague users online in 2020, too – the STOP Ransomware. During 2019, cyber crooks created and distributed over 200 copies of this nasty Trojan. It would appear that the trend is not dying down, as malware analysts have spotted a new copy of the STOP Ransomware and dubbed it the Kodc Ransomware. Propagation and Encryption A large number of cybercriminals who create ransomware threats tend to rely on spam email campaigns to propagate their Trojans. The targeted user would receive an email containing a bogus message and a corrupted attachment, which, once launched, would compromise the user’s system. Among other commonly used propagation methods are torrent trackers, fake software updates, fraudulent pirated copies of popular media and applications, etc. Most ransomware threats are...

Posted on January 20, 2020 in Ransomware

RagnarokCry Ransomware

Most authors of ransomware opt to base their creations on already existing data-locking Trojans by borrowing their code. There are cyber crooks who develop their own file-encrypting Trojans from the ground up, but these often tend to have a variety of issues and are sometimes completely useless. However, this is not the case with the RaganrokCry Ransomware. The creators of this ransomware threat have done a good job, and the RaganrokCry Ransomware is fully functional. Propagation and Encryption Most creators of ransomware threats rely on several popular means of propagation – fake application downloads and updates, torrent trackers, malvertising campaigns, bogus pirated software and media, spam emails containing macro-laced attachments, etc. Once the RaganrokCry Ransomware sneaks into your computer, it will scan the files that are...

Posted on January 20, 2020 in Ransomware

Nest Video Extortion' Email Scam

Email tactics have existed since the dawn of the Internet. One of the newest schemes that are gaining prominence quickly is called the ‘Nest Video Extortion’ email scam. This campaign appears to target users located in the United States, mainly. According to reports, the authors of the ‘Nest Video Extortion’ tactic have sent fraudulent emails to more than 1,500 users. This tactic also can be classified as ‘sextortion’ as the attackers claim to be in possession of nude footage of the target and threaten to send them to various adult entertainment websites. The attackers also claim to have access to the user’s mobile device, which serves to intimidate the target further. Instead of just asking for cash in exchange for wiping out the supposed nude videos, the attackers take a different path. Uses Various Social Engineering Tricks Firstly,...

Posted on January 20, 2020 in Adware

'YOU ARE THE CHOSEN!' Pop-Ups

Users who tend to browse dodgy websites often encounter several issues as such Web pages work hand in hand with shady advertisement networks and other dubious services. Shady websites include pages hosting adult content, gambling platforms, illicit streaming sites, bogus giveaway Web pages, etc. Visitors of such websites are likely to come across the ‘YOU ARE THE CHOSEN!’ pop-ups. These fake pop-ups claim that the visitors have won a prize, and to claim it, they have to complete a few steps. To make this tactic more believable, its authors have also built a fake page with bogus reviews from non-existing individuals who claim to have won the prize in question. The Con-Artists may Utilize Various Tricks There are several tricks the ‘YOU ARE THE CHOSEN!’ pop-ups may attempt to pull on the user. One of them is tricking them into allowing...

Posted on January 20, 2020 in Adware

JhoneRAT

The JhoneRAT is an impressive RAT (Remote Access Trojan) whose activity has spiked recently. After studying this threat, malware analysts concluded that it has likely been built from the ground up. This is not unusual, but many authors of RATs prefer to borrow the code of existing threats instead of building a tool from scratch. According to the experts, the JhoneRAT is written in the Python programming language. Propagation Method The JhoneRAT is being distributed with the help of spam email campaigns. This is a very popular propagation method when it comes to spreading malware. Usually, the spam emails would contain a corrupted attached file. This is the case with the JhoneRAT too. The attachments used in the propagation of the JhoneRAThave two types – one claims to be an important document that has to be opened urgently, while the...

Posted on January 17, 2020 in Remote Administration Tools

LALALA Infostealer

Malware researchers have uncovered a brand-new infostealer pestering users online. This threat is dubbed the LALALA Infostealer, and it is not known who are the developers behind it. The goal of the LALALA Infostealer is to sneak into their target’s system silently, collect information, and then exfiltrate the gathered data to the attackers’ C&C (Command & Control) server. Gathers, Compresses and Transfers Data to the Attackers’ C&C It appears that the authors of the LALALA Infostealer are using spam email campaigns to propagate this threat. Usually, this includes a fake message and a macro-laced attachment. Users who fall for this trick and launch the attached file would allow the threat to compromise their system. Upon infecting a targeted PC, the LALALA Infostealer will make sure that a VBS file is executed every minute. The VBS...

Posted on January 17, 2020 in Trojans

Picocode Ransomware

Cybersecurity analysts have uncovered a new data-encrypting threat targeting unsuspecting users online. The name of this new threat is the Picocode Ransomware. This ransomware threat may have been built from scratch as it does not appear to be a variant of any of the popular file-locking Trojans known to malware researchers. Propagation and Encryption Many authors of ransomware threats use spam emails to spread their threatening creations. The emails in question tend to contain a macro-laced attachment and a fraudulent message that urges the user to execute the attached file. Corrupted advertisement campaigns, bogus applications downloads, updates, and torrent trackers are also among the popular propagation methods used by ransomware authors. The Picocode Ransomware is designed to cause maximum damage to the compromised host. This is...

Posted on January 17, 2020 in Ransomware

Creditcable.info

A growing number of individuals with questionable moral compasses are setting up bogus websites that provide no value to their visitors. An example of this is the Creditcable.info page. This website’s sole purpose is to trick its visitors into providing it with permission to display Web browser notifications. The reason behind this is simple – the operators of the Creditcable.info website will bombard users with unwanted advertisements via their Web browser notifications. Users who have come across the Creditcable.info site have likely been browsing dodgy pages like adult entertainment websites, illicit streaming platforms, etc. Attempts to Trick the Visitor Using Various Techniques To get the user’s permission to display Web browser notifications, the Creditcable.info site may try several tricks. This website is known to present its...

Posted on January 17, 2020 in Browser Hijackers

Bopador Ransomware

The Bopador ransomware is a new name for a Djvu ransomware clone. Djvu is also commonly referred to as the STOP/Djvu ransomware, as it is part of a family of threats that share a lot of common features. A huge amount of STOP/Djvu ransomware variants were decrypted in late 2019, with even more variants added to the free decryption tool towards the end of the year. In light of the ransom amount that Bopador demands, the ransomware is obviously intended for spam email campaigns and targets individual users and not large businesses. It's not too clear when exactly Bopador started infecting victims but it's safe to say that the influx of infection reports started in the second half of 2019. Bopador copies STOP/Djvu in almost every respect. Its only defining feature that separates it from Djvu is that encrypted files receive the ".bopador"...

Posted on January 16, 2020 in Ransomware

Adhubllka Ransomware

Cybersecurity analysts have uncovered a new file-locking Trojan plaguing users online. Its name is Adhubllka Ransomware. Most authors of ransomware threats depend on ransomware building kits or readily available code from already established data-encrypting Trojans. This means that even inexperienced cybercriminals can create and spread a ransomware threat easily. It is not yet clear whether the Adhubllka Ransomware is built from scratch or its authors relied on the code of an existing threat to create this pest. Propagation and Encryption A large number of cyber crooks who propagate ransomware threats often rely on mass spam email campaigns to distribute their creations. The targeted user would receive an email that contains a bogus message and a corrupted attachment. The fake message’s goal is to trick the users into launching the...

Posted on January 16, 2020 in Ransomware

PowerTrick

The TrickBot hacking group is back in the news with a new backdoor Trojan called PowerTrick. The TrickBot hacking group tends to target businesses and institutions involved in the financial sector. The PowerTrick backdoor Trojan is not used as a first-stage payload. Instead, the TrickBot hackers employ it at a later stage of the campaign as it would ensure further control over the infected system. The TrickBot hacking group consists of very experienced individuals who know what they are doing when it comes to cybercrime. This is no surprise that once again, they are going after high-end targets. Of course, to carry out a successful campaign against such targets, the

Posted on January 16, 2020 in Backdoors
1 2 3 4 5 6 7 8 9 10 11 1,387