Top Security News

Top 5 Popular Cybercrimes: How You Can Easily Prevent Them

Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles: the days of robbing banks in...

Fake Windows Support Calls Seek to Scam and Infect Computer Users with Malware

Fake phone calls from crooks claiming to be a support team from a well-known entity are an increasing pandemic, which has claimed an alarming number of victims in recent weeks. There have been a large number of phone calls received by computer users in various countries from...

Spam Alert: Phishing Email Scam Titled 'Bank of America Alert: Account Suspended'

We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...

Top Articles

'National Consumer Center' Pop-Ups

The 'National Consumer Center' pop-ups are connected to known online tactics. According to complaints, the 'National Consumer Center' pop-ups may claim that the computer user has won a free iPhone or some other similarly costly prize. The 'National Consumer Center' pop-ups may include the legend 'National Consumer Center' in the upper left corner, with an official-looking font, and advertisements on the right. These pop-ups are among the most common online tactics and may be used to intrude on the computer user's privacy. The 'National Consumer Center' pop-ups may be caused by adware components installed on the affected Web browser. However, the 'National Consumer Center' pop-ups also may...

Posted on April 28, 2016 in Browser Hijackers

Movies123 Ads

People who do not like paying for legal streaming services often end up either looking to download the media they are after illicitly or searching for Web pages that offer to stream pirated content for free. However, as the saying goes, there is no free lunch. Websites that host pirated media tend to work with a whole network of other dodgy actors, mainly dubious advertisers who will try to sell you all sorts of shady products and subscriptions. A common trick used by dodgy websites like the Movies123 page is to try to trick the user into giving them permission to display browser notifications. Many legitimate websites ask for permission to send browser notifications, but their goal is to...

Posted on September 13, 2019 in Adware

Ryuk Ransomware

The Ryuk Ransomware is a data encryption Trojan that was identified on August 13th, 2018. It appears that private companies and healthcare institutions have been compromised with the Ryuk Ransomware. Threat actors were reported to be infecting organizations in the USA and Germany. Initial analysis suggests the threat was injected into systems through compromised RDP accounts, but it is possible that there is a parallel spam campaign that carries the threat payload as macro-enabled DOCX and PDF files. General Facts and Attribution: Ryuk Ransomware appeared in the middle of August 2018 with several well-planned targeted attacks against major organizations worldwide, encrypting data on infected PCs and networks and demanding the payment of a ransom in exchange for a decryptor tool. Ryuk does not demonstrate extremely advanced technical skills,...

Posted on August 23, 2018 in Ransomware

More Articles

Bopador Ransomware

The Bopador ransomware is a new name for a Djvu ransomware clone. Djvu is also commonly referred to as the STOP/Djvu ransomware, as it is part of a family of threats that share a lot of common features. A huge number of STOP/Djvu ransomware variants were decrypted in late 2019, with even more variants added to the free decryption tool towards the end of the year. In light of the ransom amount that Bopador demands, the ransomware is obviously intended for spam email campaigns and targets individual users and not large businesses. It's not too clear when exactly Bopador started infecting victims, but it's safe to say that the influx of infection reports started in the second half of 2019. Bopador copies STOP/Djvu in almost every respect. The only feature that separates it from Djvu is that encrypted files receive the ".bopador"...

Posted on January 16, 2020 in Ransomware

Adhubllka Ransomware

Cybersecurity analysts have uncovered a new file-locking Trojan plaguing users online. Its name is Adhubllka Ransomware. Most authors of ransomware threats depend on ransomware building kits or readily available code from already established data-encrypting Trojans. This means that even inexperienced cybercriminals can create and spread a ransomware threat easily. It is not yet clear whether the Adhubllka Ransomware is built from scratch or its authors relied on the code of an existing threat to create this pest. Propagation and Encryption: A large number of cyber crooks who propagate ransomware threats often rely on mass spam email campaigns to distribute their creations. The targeted user would receive an email that contains a bogus message and a corrupted attachment. The fake message’s goal is to trick the users into launching the...

Posted on January 16, 2020 in Ransomware

PowerTrick

The TrickBot hacking group is back in the news with a new backdoor Trojan called PowerTrick. The TrickBot hacking group tends to target businesses and institutions involved in the financial sector. The PowerTrick backdoor Trojan is not used as a first-stage payload. Instead, the TrickBot hackers employ it at a later stage of the campaign as it would ensure further control over the infected system. The TrickBot hacking group consists of very experienced individuals who know what they are doing when it comes to cybercrime. It is no surprise that, once again, they are going after high-end targets. Of course, to carry out a successful campaign against such targets, the

Posted on January 16, 2020 in Backdoors

Weather Forecaster

The Weather Forecaster Web browser extension is listed as a PUP (Potentially Unwanted Program) by various anti-malware tools. This Web browser extension is compatible with both Google Chrome and Mozilla Firefox. It is likely that its developers have chosen to target these two Web browsers, as they are the most popular ones worldwide. Does not Provide Any Valuable Features: The Weather Forecaster Web browser extension promotes itself as a helpful extension that will aid its users in finding out information regarding current weather conditions. It also claims to provide users with a reliable weather forecast. However, authors of fake extensions like the Weather Forecaster do not provide their users with any unique features or tools. Instead, they rely on publicly available tools and promote their product as unique when nothing can be...

Posted on January 16, 2020 in Potentially Unwanted Programs

'Your Windows 10 is infected with 5 viruses!' Pop-Ups

Users who come across the ‘Your Windows 10 is infected with 5 viruses!’ pop-ups have likely been browsing dodgy content online. Shady websites like adult entertainment, dubious gambling platforms, or pages streaming pirated media can surprise their visitors with bogus pop-ups like the ‘Your Windows 10 is infected with 5 viruses!’ alerts. Likely Attempts to Sell Fake Anti-Malware Tools: The ‘Your Windows 10 is infected with 5 viruses!’ pop-ups are specifically crafted to look legitimate. This way, the users may believe that their systems have been scanned by a genuine anti-malware tool, which is warning them. Another social engineering trick used by shady individuals who create fake pop-ups is instilling a sense of urgency. The user is warned that their computer is infected with not one, but five threats. This serves to pressure the user...

Posted on January 16, 2020 in Adware

Faketoken

A growing number of cyber crooks are getting into the business of building malware targeting Android devices. Among the threats targeting devices running the Android OS is the Faketoken Trojan. This threat is not brand new; in fact, malware researchers had first spotted its activity back in 2017. However, the operators of the Faketoken Trojan are not slacking – they keep updating this threat to ensure it is capable of avoiding detection by security tools. Some of their updates include the further weaponization of the Faketoken Trojan too. Propagation Methods: The Faketoken threat can serve both as a reconnaissance tool and as a banking Trojan. So far, it has been reported that there are two infection vectors involved in the propagation of the Faketoken Trojan. It would appear that some users who have been tricked into allowing this...

Posted on January 15, 2020 in Trojans

5ss5c Ransomware

One of the newest spotted ransomware threats in the wild has been dubbed the 5Ss5c Ransomware. When malware researchers studied this new Trojan, they found that this is not a threat built from scratch. Instead, the creators of the 5Ss5c Ransomware have based this Trojan on the already existing Satan Ransomware. This is a common method used by a large number of ransomware authors, as it is much more time-efficient and far easier. Propagation and Encryption: The 5Ss5c Ransomware is likely being spread with the help of phishing emails. Normally, a bogus email would contain a fake message and a corrupted attached file, often a document that appears important. This is how authors of ransomware often manage to trick users into launching the unsafe attachment on their systems. Other commonly used propagation methods include torrent trackers,...

Posted on January 15, 2020 in Ransomware

Horsedeal Ransomware

Malware analysts spot new ransomware threats on a daily basis. The barrier of entry, regarding data-locking Trojans, is rather low. This happens because even cybercriminals with little to no experience can create and distribute this threat. This can be mastered with the help of various ransomware building kits. One of the latest file-encrypting Trojans to emerge on the Web was named the Horsedeal Ransomware. Propagation and Encryption: The techniques involved in the propagation of the Horsedeal Ransomware are yet to be uncovered. Some cybersecurity researchers speculate that the authors of the threat may be utilizing malvertising campaigns, bogus pirated copies of popular software tools and media, torrent trackers, mass spam email campaigns, etc. Upon infiltrating a targeted machine, the Horsedeal Ransomware will trigger a scan on all...

Posted on January 15, 2020 in Ransomware

Online TV Streamer

Some browser extensions can prove to be very useful and of great benefit to their users. Regretfully, this is not the case with all browser extensions. Shady actors online tend to create browser extensions that are not only not great to use but also may hinder the browsing quality of their users. Regardless of their lack of usefulness and quality, such dodgy Web browser extensions often promise their users helpful features and good tools. Needless to say, this is nothing more than blatant lies. One of the countless useless extensions preying on unsuspecting users online is the Online TV Streamer extension. Applies Changes to the User's Web Browser without Their Knowledge: The end goal of this dodgy extension is to redirect the user's traffic to affiliated sites. This is how the operators of the Online TV Streamer extension are generating...

Posted on January 15, 2020 in Potentially Unwanted Programs

'beatifulgirls@youknowmynameisbob.online' Ransomware

A growing number of cyber crooks try their luck with ransomware threats, as this type of malware can be easy to build and distribute. A large portion of ransomware authors simply borrow the code of existing threats of this kind and change it slightly to fit their needs. Recently, cybersecurity experts have spotted a new threat of this class - ‘beatifulgirls@youknowmynameisbob.online’ Ransomware. Propagation and Encryption: After dissecting the threat, researchers found that the authors of the ‘beatifulgirls@youknowmynameisbob.online’ Ransomware have used the template of the tellyouthepass Ransomware ransom note to create their own. Furthermore, it would appear that the ‘beatifulgirls@youknowmynameisbob.online’ Ransomware applies the exact same encryption algorithm that the tellyouthepass Ransomware utilizes. The infection vector used in...

Posted on January 14, 2020 in Ransomware

Oski Stealer

The Oski Stealer is a newly spotted infostealer gaining popularity online. Cybersecurity researchers found that the Oski Stealer is being sold on various Russian forums dedicated to malware. It is likely that the creators of the Oski Stealer originate from the Russian Federation. However, malware experts have discovered that the Oski Stealer also is being promoted on several international platforms, which means that this infostealer will likely be propagated worldwide. Capabilities: The creators of the Oski Stealer claim that this threat has a wide range of capabilities. Apparently, the Oski Stealer is able to extract data from the victim’s Web browser. The threat is compatible with several popular Web browsers – Google Chrome, Mozilla Firefox, Yandex, Vivaldi, Blackhawk, etc. Furthermore, the authors of the Oski Stealer state that this...

Posted on January 14, 2020 in Malware

Watch Movies Live

There are countless bogus websites and fake extensions preying on naive online users. An excellent example of this is the Watch Movies Live Web browser extension. This misleading extension claims that it will allow its users to browse and watch movies for free. However, this is not true, and the Watch Movies Live extension will not provide you with the free movies it promises. Instead, you may notice that this bogus extension has meddled with your Web browser settings. The Watch Movies Live extension is known to change both the preferred search engine of the user and their new tab page. Tricks Users into Utilizing a Third-Party Search Engine: The creators of the Watch Movies Live extension have made sure to make two variants compatible with two of the most popular Web browsers – Google Chrome and Mozilla Firefox. Both variants of the...

Posted on January 14, 2020 in Potentially Unwanted Programs

Easy Gaming App

The Easy Gaming App Web browser extension is among the countless fake extensions that target less tech-savvy users worldwide. In the case of the Easy Gaming App, its creators are claiming that users who install this extension will be granted access to a large gaming library that consists of numerous games. However, the operators of the Easy Gaming App extension make it seem that they are providing users with unique games when this is certainly not the case. The games that can be accessed via the Easy Gaming App extension are free-to-play games that are available online. Since all the games that the Easy Gaming App extension offers are already freely available and one click away, there is no need for users to install this dodgy extension as it provides no value. Delivers Less Relevant Search Results: Once the users install the Easy...

Posted on January 14, 2020 in Potentially Unwanted Programs

Ako Ransomware

The Ako Ransomware was one of the most active ransomware threats at the end of 2019. This data-encrypting Trojan is a variant of the Medusa Ransomware. Malware experts work hard to publish free decryption tools for victims of ransomware. However, they have not been able to build one compatible with the Ako Ransomware yet. Propagation and Encryption: So far, it is not clear what infection vector is used for the propagation of the Ako Ransomware. Authors of ransomware threats tend to rely on spam email campaigns to distribute their nasty Trojans. Usually, this would involve emails that contain a fake message designed with the help of various social engineering techniques. Also, the emails in question would contain a corrupted attachment that is masked to look like a harmless document or another seemingly innocent file. Other commonly...

Posted on January 13, 2020 in Ransomware

Shopper

The Shopper threat is malware designed specifically for Android devices. According to reports, the Shopper malware has been active in the past months, with most infected devices located on the territory of the Russian Federation. However, experts state that the Shopper threat is also gaining popularity in Brazil, as well as India. The Shopper malware is not particularly complex, but it still gets the job done. The Main Goal is Click-Fraud: The main goal of the Shopper Trojan is to take control of the victim’s account and use it to boost the numbers of affiliated applications artificially. This means that the attackers’ aim is to use the hijacked account to post bogus positive reviews of particular applications. Furthermore, the Shopper also can boost the download count of the affiliated applications. Unfortunately, the...

Posted on January 13, 2020 in Trojans