Top Security News

Beware of Michael Jackson One Year Death Anniversary Spam Email

To celebrate the life and legacy of one of the greatest entertainers of our time, fans around the world will once again be searching for their favorite Michael Jackson song and paying tribute to the King of Pop as we approach his one-year death anniversary. After the death of Michael Jackson on...

Warning: Menacing BlackHole Exploit Kit Targeting Windows PCs Now Available to Hackers for Free

Christmas has come early for novice hackers and criminals looking to get their share of the scam operatives flooding the Internet after someone publicly set free not one but two dangerous malware tools in just under 30 days. Once available as a password protected archive, the Zeus malware kit and...

Hackers Attack Citibank Pilfering over 200,000 Credit Card Customers' Personal Data

While more news on Rep. Anthony Weiner's (D-N.Y.) online sex scandal continues to appear, another hacking incident occurs, this time hackers broke into Citibank's computers stealing account numbers, names and contact information. Citibank, one of the biggest 4 banks in the USA, discovered a data...

Top Articles

GandCrab Ransomware

GandCrab ransomware is a malware threat that encrypts data on affected computers and demands the payment of ransom in exchange for a decryption tool. This cryptovirus appeared for the first time at the end of January this year, and since then researchers have identified several different versions of GandCrab, among which are GDCB, GandCrab v2, GandCrab v3, GandCrab v4, and GandCrab v5. The latest version was identified just about a month ago in September 2018. The features and encryption mechanisms of this ransomware have evolved since its first appearance: while the initial three versions used RSA and AES encryption algorithms to lock up data on the infected device, version 4 and above employ additional and more sophisticated ciphers like Salsa20. Malware researchers believe that this is done mostly for speed reasons as the Salsa20...

Posted on January 29, 2018 in Ransomware

RobinHood Ransomware

The RobinHood Ransomware (RobbinHood Ransomware or RobbinHood File Extension Ransomware) is a ransomware Trojan that is used to harass computer users under the pretext of raising awareness and funds for the people of Yemen. In fact, there is no evidence to support the theory that the creators of the RobinHood Ransomware have altruistic motives. It is likelier that the con artists are using the RobinHood Ransomware to profit in the same way that the creators of most encryption ransomware Trojans act today. However, the ransom demand in the case of the RobinHood Ransomware is extremely elevated, making it very unlikely that any individual PC users will pay the RobinHood Ransomware ransom in case of an attack. Take preventive measures against ransomware Trojans like the RobinHood Ransomware, which are becoming increasingly common. Yemen...

Posted on August 4, 2017 in Ransomware

WannaCryptor or WanaCrypt0r Ransomware


The WanaCrypt0r Ransomware is an encryption Trojan that features a worm-like attack tactic. The WanaCrypt0r Ransomware is recognized as one of the most threatening and widespread encryption Trojans up until May 12th, 2017. The WanaCrypt0r Ransomware managed to compromise hundreds of thousands of systems across one hundred and forty countries on its first release to the real world. The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. The Trojan managed to block access to most of the computers connected to the National Healthcare System and nearly 70% of the cases that involve the WanaCrypt0r Ransomware are recorded in Russia....

Posted on March 29, 2017 in Ransomware

More Articles

ZeroCleare


Cybersecurity researchers tend to label the most advanced hacking groups as APTs (Advanced Persistent Threats). APTs are often hired by governments to carry out shady operations. However, not all APTs are government-sponsored, and many operate on their own, pursuing their own agendas. Most APT groups would either carry out attacks with the goal of collecting information on their target or launch purely financially-motivated operations. However, there are certain APTs whose aim is to wreak as much havoc as possible and cause as much damage as they can. Disk wipers are the most commonly used malware in such threatening campaigns. Disk wipers’ aim is to destroy the data stored in the...

Posted on December 5, 2019 in Malware

Uiojx.xyz

The Uiojx.xyz website is a shady page that does not host any valuable content. Upon opening the Uiojx.xyz site, you will notice that the homepage is empty. However, this is not just a blip as the sub-directories of the website also will disappoint you. They do not appear to have any meaningful content on them, and their names have been generated randomly. According to reports, the Uiojx.xyz site is being advertised with the help of dubious pop-up advertisements. Such advertisements tend to be hosted on dodgy websites that we would advise you to avoid.

Presents Users with a Fake ‘Flash Player’ Update

The Uiojx.xyz site appears to have the ability to determine what Web browser the visitor is using and, based on this, display different sub-directories. The Uiojx.xyz Web page supports the most popular browsers, including Mozilla Firefox,...

Posted on December 5, 2019 in Browser Hijackers

CILLA Ransomware

Most ransomware threats that get spotted in the wild are copies of already existing data-locking Trojans that are well-established in the world of cybercrime. One of the most recently spotted ransomware threats is called CILLA Ransomware, and it belongs to the Globe Imposter Ransomware family.

Propagation and Encryption

Authors of ransomware threats use various propagation techniques to spread their threatening spawns. It is fair to say that the most popular infection vector when it comes to the distribution of file-encrypting Trojans is spam emails. Usually, the attackers will send spam emails en masse with the goal of infecting as many computers as possible. The spam email would often contain a fraudulent message that aims at convincing the user to execute the attached file. Authors of ransomware tend to attach a macro-laced document...

Posted on December 5, 2019 in Ransomware

Righ Ransomware

Cybersecurity experts are struggling to keep up with all the ransomware threats that cybercriminals are pumping out. Creating and distributing a data-locking Trojan is not as difficult as it may initially sound. Most cyber crooks opt to borrow the code of existing ransomware threats and alter it slightly to fit their needs. This is a far easier approach than building a file-encrypting Trojan from scratch. This is exactly what the creators of the Righ Ransomware have done. This newly uncovered ransomware threat is a copy of the infamous STOP Ransomware – the most active ransomware family in 2019, with over 200 copies built and distributed.

Propagation and Encryption

The creators of the Righ Ransomware may be using spam emails to propagate their creation, as this appears to be the most commonly used distribution method when it comes to...

Posted on December 5, 2019 in Ransomware

CallerSpy

Nowadays, everyone has a smartphone, and the largest share of the market certainly belongs to Android. This explains why a growing number of cybercriminals are building threats that target Android devices exclusively. One of the most recently spotted malware strains designed for Android devices is called CallerSpy. The CallerSpy threat serves as a spying tool that gathers data on the targeted user. To propagate it freely, the creators of the CallerSpy malware have masked it as a messaging application. The CallerSpy threat poses as either ‘Apex App’ or ‘Chatrious.’ These fake applications were hosted on a website tailored to look like a genuine Google site specifically. The Web page in question had the ‘Gooogle(dot)press.’ domain name. Imitating a Google-related website is a very old trick used by countless cyber crooks through the...

Posted on December 4, 2019 in Malware

OSX/NukeSped

North Korea’s most prolific hacking group is undoubtedly the Lazarus APT (Advanced Persistent Threat). Security experts believe that this hacking group is sponsored by the North Korean government directly and is likely paid to do Kim Jong-un’s bidding. Among their vast arsenal of hacking tools is the NukeSped RAT (Remote Access Trojan). So far, the NukeSped RAT was designed to target devices running Windows only. However, it would appear that the Lazarus hacking group has decided to expand its reach and has redesigned the NukeSped RAT, allowing the threat to now target Mac systems too. The name of the new NukeSped RAT variant is OSX/NukeSped.

Propagation Methods

Malware researchers have spotted two propagation methods employed by the Lazarus hacking group: A bogus Adobe Flash file that carries a genuine copy of the application alongside...

Posted on December 4, 2019 in Backdoors

CStealer

The CStealer threat is yet another strain of malware that aims at collecting information about its targets. The CStealer malware is designed to target systems running Windows exclusively. Infostealers like the CStealer threat tend to gather data from the host and then transfer it to the remote server of their operators.

Exfiltration Technique

Normally, the authors of threats of this class tend to use an FTP or HTTP connection to siphon the gathered data. Another method that is gaining popularity is employing a Telegram bot to exfiltrate the information. However, in the case of the CStealer malware, the attackers have opted to use a rather interesting technique. The collected information is transferred to a MongoDB database set up by the threat’s authors. However, there are certainly some issues with this method. The attackers have hardcoded...

Posted on December 4, 2019 in Trojans

SwiftEngine

A growing number of shady individuals are developing all malware types and PUPs (Potentially Unwanted Programs) that are targeting OSX exclusively. It is important to note that PUPs are not threatening applications and would not harm your system. However, they will not bring any value to you either; quite the opposite, PUPs tend to reduce one’s browsing quality and cause annoyance.

Spams Users with Advertisements

The SwiftEngine application is a PUP that is designed to target systems running OSX. This application poses as software that is meant to enhance your search engine and help it deliver more relevant results. It also claims to improve the efficiency of your Web browsing sessions. However, none of this is true, and the SwiftEngine application is not going to improve your experience in any way. Instead of introducing improvements...

Posted on December 4, 2019 in Potentially Unwanted Programs

LockBit Ransomware

Ransomware threats are running rampant on the Web. Countless users have reported that their data has been encrypted by a data-locking Trojan. Unfortunately, it is not likely that we will see the end of the epidemic any time soon. One of the newest threats of this type has been dubbed the LockBit Ransomware. This nasty Trojan is capable of locking all the data present on a compromised system very quickly.

Propagation and Encryption

It does not seem that the LockBit Ransomware is a copy of any of the popular ransomware threats currently active. The infection methods used in the propagation of the LockBit Ransomware have not yet been determined. However, authors of ransomware tend to rely mainly on spam email campaigns to spread their creations. The emails tend to consist of a fraudulent message that aims at convincing the target to...

Posted on December 4, 2019 in Ransomware

iWorm

Malware that targets Mac computers is becoming more and more common by the day. One of the threats that target machines running OSX exclusively is called iWorm. Cybersecurity researchers first spotted this threat back in 2014. It has been reported that the iWorm malware has managed to compromise around 18,000 devices worldwide. This threat is capable of taking control of the infected host and using it for various purposes. It appears that the operators of the iWorm malware are using it to build a botnet. Experts are not fully certain what the botnet will be used for, but it is likely that it may be employed in DDoS (Distributed-Denial-of-Service) attacks, mass spam email campaigns, cryptocurrency mining operations, etc.

Capabilities

Apart from being able to gain control over the compromised system, the iWorm malware also enables...

Posted on December 3, 2019 in Botnets

PyXie RAT

The PyXie RAT is a threat that was first uncovered in 2018. In its essence, this threat is a RAT (Remote Access Trojan), which is written in the Python programming language. When malware researchers first spotted the PyXie RAT, the threat was not spread very widely. However, its operators have since made sure to expand their reach, and cybersecurity experts have spotted several variants of the threat lurking on the Web. Upon dissecting the PyXie RAT, experts have concluded that its authors are very highly-skilled and experienced as this threat is a very high-end Remote Access Trojan. The creators of the PyXie RAT have borrowed code from a couple of infamous hacking tools and made sure that their creation is difficult to study and analyze.

Packs a Threatening Downloader Module

The operators have a corrupted code to legitimate DLL files...

Posted on December 3, 2019 in Remote Administration Tools

Xochuaime.site

The Xochuaime.site Web page is one of the numerous dodgy or outright useless websites on the Internet. The Xochuaime.site not only does not host any valuable content, but launching it would often lead the user to an empty page. Many users have reported that the Xochuaime.site page has tried to trick them into permitting the site to display Web browser notifications or mobile notifications. The operators of the Xochuaime.site website appear to be using various social engineering techniques to achieve this goal.

It Spams Users with Web Browser Notifications

One of the tricks that the Xochuaime.site page’s authors use is to present users with a bogus prompt on a few of their subpages. Supposedly, the purpose of the prompt is for the users to confirm that they are legitimate and not a bot. Normally, such security measures ask the user to...

Posted on December 3, 2019 in Adware

Urgent-incoming.email

Many shady individuals online have been using Web browser notifications as a tool to promote dodgy services and low-quality products. Legitimate websites would often use Web browser notifications to provide the user with meaningful information or content such as breaking news or the latest discounts. However, dubious websites would instead bombard the user with unwanted advertisements via their browser notifications tirelessly. More often than not, these shady Web pages would not host any worthwhile content and will exist with the sole purpose of spamming advertisements. Among the Web pages that take part in this practice is the Urgent-incoming.email site. The Urgent-incoming.email website is capable of detecting which Web browser the persons are using and even whether they are on a PC or a mobile device. This allows them to present...

Posted on December 3, 2019 in Adware

Msop Ransomware

The Msop Ransomware is a newly uncovered data-locking Trojan. Upon spotting and studying this threat, malware researchers found that this is yet another variant of the notorious STOP Ransomware. In 2019, the STOP Ransomware family has been the most active ransomware family out there, undoubtedly. It has been estimated that ransomware authors have released approximately 200 variants of the STOP Ransomware in 2019 alone.

Propagation Methods

It is not clear what is the exact propagation method that the authors of the Msop Ransomware are utilizing in the spreading of this nasty Trojan. Spam emails are the most commonly used method in regard to the propagation of ransomware threats. Usually, these emails would contain a message ridden with social engineering tricks whose sole purpose is to deceive the user into believing that the file that...

Posted on December 3, 2019 in Ransomware

OSX/NewTab

Mac users tend to fall into the trap of false confidence when it comes to security measures. Mac computers are rather safe systems, but they are far from impenetrable, and anyone who believes that they are is playing a very threatening game. An increasing number of malware creators are taking an interest in developing threats for the OSX.

Promotes Potentially Unsafe Content

Cybersecurity researchers have spotted a new malware targeting Mac computers, the OSX/NewTab. This threat is not a very complex one. Its goal is to infiltrate the Safari Web browser and launch new tabs in the windows that the user has opened. When categorizing malware, experts tend to put applications like the OSX/NewTab in the PUP (Potentially Unwanted Program) category. However, PUPs tend to advertise a particular website or redirect the user to a certain search...

Posted on December 2, 2019 in Malware